Send inbound data
Forward any inbound payload - form submissions, email contents, webhooks, AI prompts. One endpoint accepts them all.
InputGate scores risk, filters spam, and blocks bots - before bad data ever lands. No CAPTCHA, no friction for your users. One API call from your backend.
Pipe inbound data through one POST. Get back a structured score with reasoning - in under 50 ms.
Forward any inbound payload - form submissions, email contents, webhooks, AI prompts. One endpoint accepts them all.
Our engine combines content patterns, behavioral signals, IP reputation, and geo data into a single calibrated risk score.
Clean JSON response - score, recommendation, plain-English reasoning. Block, flag, or pass through. You decide.
Tight scope, deep engineering. Every feature exists to make one bad-input decision faster and more correct.
Every request gets a calibrated 0–100 score across multiple signal axes. Each axis - spam language, bot patterns, IP reputation, content quality - contributes a weighted sub-score. Use our built-in threshold or apply your own. The math is fully exposed, not a black box.
InputGate filters at the server, not the browser. Your users never see a puzzle, a checkbox, or a slowdown. Invisible protection - entirely by design.
Default retention is flagged_only - clean submissions are scored and discarded. GDPR Art. 25 compliant out of the box.
Block or allow by country with one parameter.
Require certain languages, block others. Detected via Unicode script analysis - zero added latency.
Fulfil GDPR Art. 17 programmatically. One call deletes every log row tied to an IP - with an audit trail.
InputGate sits inline between your traffic sources and your downstream systems - applying layered checks in a single round trip.
One POST. One JSON response. No SDK. No webhook plumbing. Just a curl-able endpoint that works from any language with an HTTP client.
// Score an inbound form submission const res = await fetch( "https://api.inputgate.cloud/v1/check", { method: "POST", headers: { "Authorization": `Bearer ${API_KEY}`, "Content-Type": "application/json", }, body: JSON.stringify({ fields: { email: req.body.email, message: req.body.message, }, client_ip: req.ip, domain: "myapp.com", context: "Lead capture form on a real estate website", retention: "flagged_only", // GDPR-safe }), } ); const { spam_score, is_spam, reason } = await res.json(); if (spam_score > 75) return reject(reason);
fields object → score, recommendation, plain-English reason. No webhooks. No callbacks. One round trip.Stop junk leads before they pollute your CRM and waste sales-team time.
Filter prompt injections, jailbreaks, and adversarial inputs before they reach your LLM.
Keep support queues clean. Filter bots and low-quality messages at the edge.
Validate inbound payloads before triggering downstream automations.
Score every record before write. Only real humans hit your funnel.
Drop into any Make / Zapier / n8n flow as an HTTP filter step.
"InputGate grew out of years of protecting WordPress websites from spam and abusive submissions."
That hard-won experience - hundreds of millions of real attacks analyzed, patterns learned, edge cases handled - is now available as a single API call for any stack.
Start free. Scale as you grow. No per-seat pricing, no hidden fees, no minimum contracts.
Practical guides on spam protection, bot detection, and safer web apps.
Drop InputGate into your stack today. Protect every inbound workflow in under five minutes.