Free API Keys
Free API Keys are available at no cost, offering limited access to the AntiSpam API.
Conditions for Free API Keys:
- Limited to 50 requests per day (per domain)
- Subject to additional rate limits
- Attribution required
Free vs. Paid Access
Upgrading to paid API Keys unlocks additional features like API Analytics and Logs, allowing you to monitor API usage for your websites and applications.
Feature | Free | Paid |
---|---|---|
Request limit | 50 requests/day | Based on purchased volume |
Referrer restrictions | One referrer per key | Adjustable |
API analytics | No | Yes |
API request logs | No | Yes |
Attribution required | Yes | No |
Generating a Free API Key
Free API Keys are tied to a specific domain name and only function on websites hosted on the provided domain name.
The server will generate a new Free API Key and a secret:
The secret csec_...
is used for payload verification (as HMAC secret) and must remain confidential, never exposed publicly.
Refer to the documentation to learn how to generate a new API Key using the API.
Domain Verification
While optional, domain verification is strongly recommended. Verifying the ownership of your domain name via the DNS TXT
record configured with the provided altcha-verification=...
value adds an extra layer of security.
Domain verification ensures that your API Key is appropriately associated with the domain name it is intended to work with.
To verify your domain name, follow these steps:
- Access your DNS records management panel.
- Add a
TXT
record with the following details:- Record Type: TXT
- Host/Name: @ (or your domain name)
- Value/Text:
altcha-verification=abc...
(replaceabc...
with your unique verification token obtained when you generated the API Key)
- Save the changes.
Once the DNS record is successfully added and propagated, the domain ownership will be verified. This ensures the secure usage of your API Key with the specified domain name.
Attribution for Free API Keys
When using the Free API Key, you MUST display “Protected by ALTCHA” along with the logo in the widget (i.e., do not use hidelogo
or hidefooter
). If you’re not using the widget, you MUST include an attribution in the footer of your website, at least on the homepage:
You may translate or modify the text, but it must convey a similar meaning to “Protected by ALTCHA”. The link must direct to https://altcha.org
and should not include rel="nofollow"
.