FormSync

API Authentication

Authenticate FormSync Public API requests with a bearer API key.

Authentication

Every request to the FormSync Public API must include an API key in the Authorization header.

HTTP
Authorization: Bearer fs_your_api_key_here

Requests without a valid bearer token are rejected with 401 Unauthorized.

Creating an API Key

You can create API keys from the FormSync dashboard:

  1. Open Dashboard.
  2. Navigate to API Keys.
  3. Create a new key and give it a descriptive name such as Production Backend or Analytics Worker.

FormSync shows the full API key only once at creation time. Store it securely in your secrets manager or environment variables.

Example Request

cURL
curl https://api.formsync.app/v1/forms \
  -H "Authorization: Bearer $FORMSYNC_API_KEY" \
  -H "Accept: application/json"

Using the SDK

The recommended way to work with the API from JavaScript or TypeScript is with the official formsync package:

Node.js
import { FormSync } from "formsync";
 
const formsync = new FormSync({
  apiKey: process.env.FORMSYNC_API_KEY!,
});

You can also import from the explicit API subpath if you prefer:

Alternative import
import { FormSync } from "formsync/api";

Both approaches create the same authenticated API client.

Server-Side Usage

API keys must only be used in trusted server environments.

Recommended places to use them:

Do not expose API keys in:

Key Rotation and Revocation

If a key is lost, leaked, or no longer needed:

  1. delete the compromised key from the dashboard
  2. create a replacement key
  3. update the affected deployment or secret store

Because keys are stored securely and only shown once, the safest recovery flow is to rotate them instead of trying to recover them.

Error Codes

Status CodeMeaningWhen it happens
401UnauthorizedMissing, malformed, inactive, deleted, or invalid API key.
404Not FoundThe requested form does not exist or does not belong to the authenticated account.
429Too Many RequestsThe API rate limit has been exceeded.
500Internal Server ErrorAn unexpected error occurred on the server.

Rate Limiting

Authenticated API requests are currently limited to 120 requests per minute per API key and IP address combination.

When the limit is exceeded, FormSync returns:

429 response
{
  "success": false,
  "message": "Too many API requests. Please try again later."
}

For best results, retry with backoff and avoid aggressive polling loops.

How is this guide?

Last updated on May 1, 2026

Previous

Angular Integration

Next

Forms API