Free API Keys

Caution

Starting 01/01/2025, the limit for Free API Keys will be reduced to 50 requests per day. Until then, the limit remains 200 requests per day. Users needing higher request volumes are encouraged to upgrade to a paid plan.

Free API Keys are available at no cost, offering limited access to the AntiSpam API.

Conditions for Free API Keys:

• Limited to 50 requests per day (per domain)
• Subject to additional rate limits
• Attribution required

Free vs. Paid Access

Upgrading to paid API Keys unlocks additional features like API Analytics and Logs, allowing you to monitor API usage for your websites and applications.

Feature	Free	Paid
Request limit	50 requests/day	Based on purchased volume
Referrer restrictions	One referrer per key	Adjustable
API analytics	No	Yes
API request logs	No	Yes
Attribution required	Yes	No

Generating a Free API Key

Free API Keys are tied to a specific domain name and only function on websites hosted on the provided domain name.

Note

Free API Keys require attribution on your website.

Generate a Free API Key

Invalid response:

Success! Make something awesome!

Download

Your website's domain:

If you're using a non-standard port number, enter the domain name and port in this format: example.com:3000.

Generate

The server will generate a new Free API Key and a secret:

{
  "hostname": "example.com",
  "apiKey": "ckey_49960de...",
  "secret": "csec_55de16dde79f94...",
  "license": "...",
  "verification": {
    "DNS": {
      "name": "@",
      "type": "TXT",
      "value": "altcha-verification=..."
    }
  }
}

The secret csec_... is used for payload verification (as HMAC secret) and must remain confidential, never exposed publicly.

Refer to the documentation to learn how to generate a new API Key using the API.

Domain Verification

Note

Domain name verification only applies to Free API Keys.

While optional, domain verification is strongly recommended. Verifying the ownership of your domain name via the DNS TXT record configured with the provided altcha-verification=... value adds an extra layer of security.

Domain verification ensures that your API Key is appropriately associated with the domain name it is intended to work with.

To verify your domain name, follow these steps:

1. Access your DNS records management panel.
2. Add a TXT record with the following details:
   • Record Type: TXT
   • Host/Name: @ (or your domain name)
   • Value/Text: altcha-verification=abc... (replace abc... with your unique verification token obtained when you generated the API Key)
3. Save the changes.

Once the DNS record is successfully added and propagated, the domain ownership will be verified. This ensures the secure usage of your API Key with the specified domain name.

Attribution for Free API Keys

When using the Free API Key, you MUST display “Protected by ALTCHA” along with the logo in the widget (i.e., do not use hidelogo or hidefooter). If you’re not using the widget, you MUST include an attribution in the footer of your website, at least on the homepage:

<a href="https://altcha.org">Protected by ALTCHA</a>

You may translate or modify the text, but it must convey a similar meaning to “Protected by ALTCHA”. The link must direct to https://altcha.org and should not include rel="nofollow".

Don’t hide logo and footer with Free API Keys