Website Builder API
GET /services/websites/v1/forms/altcha/challenge Public

Issue Captcha Challenge

Public, unauthenticated endpoint the ALTCHA widget fetches (via `challengeurl`) on every form render. Returns the bare, signed challenge JSON — NOT wrapped in the standard ApiResponse envelope — because the widget expects the provider's native shape ({ algorithm, challenge, maxnumber, salt, signature }). Cheap by design: a single HMAC operation, no database writes. The HMAC secret never leaves the server. Route-level throttling guards against abuse.

Responses

503
200
429
Service unavailable
Headers
HeaderTypeDescriptionExample
X-RateLimit-Limit integer Maximum number of requests allowed per minute 60
X-RateLimit-Remaining integer Number of requests remaining in the current window 57
FieldTypeDescription
error boolean
message string
Successful response
Headers
HeaderTypeDescriptionExample
X-RateLimit-Limit integer Maximum number of requests allowed per minute 60
X-RateLimit-Remaining integer Number of requests remaining in the current window 57
Too Many Requests — rate limit exceeded
Headers
HeaderTypeDescriptionExample
X-RateLimit-Limit integer Maximum number of requests allowed per minute 60
X-RateLimit-Remaining integer Number of requests remaining in the current window 57
Retry-After integer Seconds until the rate limit resets 60
FieldTypeDescription
error boolean
message string
Base URL
https://api.wemasy.nl/api
Authentication

Request Sample
cURL
JS
PHP
Python
curl -X GET "https://api.wemasy.nl/api/services/websites/v1/forms/altcha/challenge" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Accept: application/json"
fetch('https://api.wemasy.nl/api/services/websites/v1/forms/altcha/challenge', {
  method: 'GET',
  headers: {
    'Authorization': 'Bearer YOUR_API_TOKEN',
    'Accept': 'application/json'  }})
.then(r => r.json())
.then(data => console.log(data));
$response = Http::withToken('YOUR_API_TOKEN')
    ->accept('application/json')
    ->get('https://api.wemasy.nl/api/services/websites/v1/forms/altcha/challenge');
$data = $response->json();
import requests

headers = {
    "Authorization": "Bearer YOUR_API_TOKEN",
    "Accept": "application/json"
}
r = requests.get("https://api.wemasy.nl/api/services/websites/v1/forms/altcha/challenge", headers=headers)
print(r.json())

Try It

Export