Add a waitlist form without a backend | Use cases | Lanes
A waitlist is the classic "I just need to collect emails" problem, and it should not require standing up a backend. Lanes Forms gives you a live endpoint in one request.
That request is a POST /v1/forms with a schema, which for a waitlist is a single required email field. The response returns an endpoint_url your page can post to, plus a claim link that makes the form yours later. There is no signup before the first submission, and the endpoint starts collecting the moment it exists. The quickstart walks the whole path in three steps.
How Lanes Forms does it
Provision in one call. One POST returns a live form endpoint, no signup. Only schema is required, with field types for text, email, textarea, number, checkbox, and hidden. Anonymous creates are idempotent for 24 hours, so rerunning the same call replays the same form instead of creating a duplicate. Every option is covered in provisioning.
Collect immediately. Submissions are captured from the first second and stored for you. While the form is unclaimed it holds up to 25 submissions and forwards nothing, which is enough to launch the page today and sort out ownership tomorrow.
Point your page at it. Wire a plain HTML form or a fetch to the endpoint. A plain form post redirects the visitor to a hosted thank-you page, no JavaScript needed; a fetch call gets a JSON receipt with a submission id instead. Ready-made snippets are in integrating.
Claim when ready. Claim the form into your dashboard by email to manage submissions and export them. Claiming releases every held signup and turns on email forwarding, with your first recipient pre-verified. An unclaimed form freezes after 7 days, so claim before then. See claiming.
Spam handled
Honeypots, per-IP rate limits, and disposable-email rejection keep junk out of your list without any extra setup. The hidden _gotcha field silently marks bot submissions as spam while still returning success, so the bot learns nothing. Submissions are limited to 10 per minute per IP, request bodies are capped at 64 KB, and IP addresses are stored only as salted hashes.
You can also lock the endpoint to your own site with allowed_origins: a browser post from any other origin gets a 403, and CORS responses echo your exact origin, never a wildcard. See securing your endpoints.
Set it up
Provision the endpoint. One curl, no auth. The response includes the endpoint_url, and a claim link is emailed to your first recipient.
Bash
curl -X POST https://api.lanes.sh/v1/forms \<br>-H "Content-Type: application/json" \<br>-d '{<br>"recipients": ["[email protected]"],<br>"allowed_origins": ["example.com"],<br>"schema": [<br>{"name": "email", "type": "email", "required": true}<br>}'
Point your page at it. A plain HTML form is enough. Keep the hidden honeypot input.
html
form action="https://api.lanes.sh/v1/f/YOUR_FORM_ID" method="POST"><br>input type="email" name="email" required />
input type="text" name="_gotcha" style="display:none" tabindex="-1" /><br>button type="submit">Joinbutton><br>form>
Claim it. Open the claim link, sign in, and every signup collected so far lands in your dashboard. Forwarding to your inbox starts at the same moment.
p]:m-0 border-border text-muted-foreground">Without this, a waitlist means writing and hosting a handler, provisioning storage, filtering bots, and keeping all of it alive for a page that may be gone in a month. The endpoint-first flow inverts that: the form exists in seconds, and it only earns an account when the signups prove it should.
Further reading
Quickstart: provision, wire, and claim in three steps.
Provisioning a form: every option on the create call, plus the unclaimed limits.
Claiming a form: how held submissions release and forwarding turns on.
Securing your endpoints: origin allowlists, per-form CORS, and the built-in defenses.
Lead capture and newsletter signups: the same pattern, pointed at your marketing stack.
See Lanes Forms or read the quickstart.