US
UnStatic

Documentation

Integrate UnStatic in minutes

Add a form backend to any static site — HTML, React, Vue, or plain JavaScript. No server required.

Quick start video

How it works

01

Create an endpoint

Sign in and go to your dashboard. Click "New Endpoint" and configure your rate limit and TTL. You'll get a unique API key.

02

Add the form to your site

Point your HTML form action or fetch call at the gateway URL with your API key. Add the honeypot field to catch bots.

03

Receive submissions

Every submission is stored securely. Rate limiting and bot detection happen automatically — no extra config needed.

Code examples

HTML formhtml
<form action="https://gateway.unstatic.dev/message/YOUR_API_KEY" method="POST">
  <input type="text"  name="name"     placeholder="Your name"  required />
  <input type="email" name="email"    placeholder="Your email" required />
  <textarea           name="message"  placeholder="Message"    required></textarea>

  <!-- Honeypot: invisible to humans, traps bots -->
  <input type="text" name="_honeypot" style="display:none" tabindex="-1" autocomplete="off" />

  <button type="submit">Send</button>
</form>
JavaScript / fetchjs
const res = await fetch(
  "https://gateway.unstatic.dev/message/YOUR_API_KEY",
  {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
      name: "John",
      email: "john@example.com",
      message: "Hello!",
      _honeypot: "",  // always empty
    }),
  }
);

const data = await res.json();
console.log(data.request_id); // submission ID
Reactjsx
const handleSubmit = async (e) => {
  e.preventDefault();

  const res = await fetch(
    "https://gateway.unstatic.dev/message/YOUR_API_KEY",
    {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify({ name, email, message, _honeypot: "" }),
    }
  );

  const data = await res.json();
  if (data.success) alert("Message sent!");
};

API responses

200 OKSubmission accepted
{
  "success": true,
  "request_id": "uuid",
  "message": "Message accepted",
  "current_requests": 1,
  "allowed_requests": 100
}
429 Too Many RequestsRate limit exceeded
{
  "message": "Too many requests. Please try again later.",
  "current_requests": 101,
  "allowed_requests": 100
}
403 ForbiddenInvalid API key or IP blocked
{
  "message": "Invalid API key"
}

Bot protection

Always include the honeypot field

Add a hidden input named _honeypot to every form. Humans never see it — bots fill it automatically. When filled, the IP is silently blocked and a fake success is returned so the bot doesn't retry.

<input type="text" name="_honeypot" style="display:none" tabindex="-1" autocomplete="off" />

Free plan limits

Endpoints3
Request body size50 KB
Rate limit (configurable)Up to 10,000 req/hr
Submissions storedUnlimited
Bot protectionIncluded
Auto IP blockingIncluded