Quick checklist

Confirm you’re submitting to the correct endpoint: /api/f/<form_id>.
Confirm the form is Active in the dashboard.
If using HTML form posts: expect a 303 redirect on success.
If using AJAX/JSON: expect a JSON response and handle success in your UI (no automatic redirect).
Make sure your page’s domain matches the form’s allowed origin.

403 errors

“Origin not allowed”

Your site’s Origin header didn’t match the form’s allowed origin. Common causes:

“This form is no longer accepting submissions”

The form endpoint is inactive. Reactivate it in the dashboard, or use a different endpoint.

Rate limiting (“Too many submissions”)

Submissions can be throttled if the same visitor (IP) posts too quickly. Wait a bit and retry.

If you have a bug causing repeated submits (double click, retry loop), fix that client-side first.

Monthly limit reached

Your form has a monthly submission cap. If you hit it, new submissions are rejected until the month resets or your plan limit increases.

CAPTCHA errors: if you enabled Turnstile/reCAPTCHA/hCaptcha, the visitor must include the provider token field with the submission.
Schema / required fields: if you set validation rules (Pro), the submission must include required fields and match constraints.
Body size limits: very large payloads (especially file uploads) can be rejected. If you’re uploading files, ensure Pro file uploads are enabled and you’re usingmultipart/form-data.

A 500 indicates a server-side failure while processing the submission. Try again once. If it consistently fails, collect:

Then contact support with those details.