LeadByte Support

Authorising AJAX / CORS Requests

Follow

LeadByte blocks direct AJAX/CORS requests for security reasons. To submit form data safely, you must send it through your own server and authorise your domain or IP in LeadByte. This article explains how to generate the correct REST API key and how to whitelist the domains or servers that will be sending data.

The recommended approach is to avoid sending AJAX requests directly to your LeadByte REST API endpoint. Instead, send the AJAX request to a script on your own server. That script can then forward the data to LeadByte using a server‑side method such as cURL.

This ensures your API credentials remain secure, as they are never exposed in the browser.
 


Step 1 — Generate a REST API Key (CREATE Permission Required)
Create a REST API key in your LeadByte account with permission to CREATE leads.

For guidance, see: CREATE Lead via REST API


Step 2 — Authorise Your Domain or IP Address
Only Admin users can manage domain authorisation.

To authorise your domain:

  1. Go to Admin > Tech Hub > Domain Authorisation
  2. Add the domain(s) you will be sending requests from
  3. Save your changes

Please allow up to 5 minutes for the domain to become active.

Server‑to‑Server Requests

If your request originates from a server rather than a browser:

  • Add the server’s IP address to the authorisation list
  • Server‑to‑server requests can be authorised by IP address or by whitelisting your API key
  • If you are using a subdomain, ensure you enter it in full (e.g., hello.mydomain.com)


    Dashboard 2026-01-19 at 10.31.27 am 2026-01-19 at 10.31.46 am.jpg
     
Was this article helpful?
0 out of 0 found this helpful

Comments