Authentication
All Formtorch API requests require a Bearer token in the Authorization header.
API access requires a Starter or Pro plan. Requests from Free accounts
receive 403 plan_required.
Generating an API key
- Sign in to app.formtorch.com
- Go to Settings → API Keys
- Click Create new key
- Give it a name and click Create
- Copy the key. It’s only shown once.
Store the key in an environment variable. Never commit it to version control.
Using the API key
Include it as a Bearer token in the Authorization header:
curl https://api.formtorch.com/v1/forms \
-H "Authorization: Bearer YOUR_API_KEY"In JavaScript:
const res = await fetch("https://api.formtorch.com/v1/forms", {
headers: {
Authorization: `Bearer ${process.env.FORMTORCH_API_KEY}`,
},
});Key scopes
Keys generated from the dashboard have read access to your account’s forms and submissions. Write endpoints and scoped keys are planned for a future release.
Revoking a key
Go to Settings → API Keys and click Revoke next to the key. Revoked keys stop working immediately.
If you suspect a key has been compromised, revoke it immediately and generate
a replacement. Requests made with a revoked key return 401 Unauthorized.
Error responses
| Status | Code | Meaning |
|---|---|---|
401 Unauthorized | unauthorized | Missing or malformed API key |
403 Forbidden | plan_required | API access requires Starter or Pro plan |
403 Forbidden | forbidden | Valid key but insufficient permissions |
Last updated on