Lead Capture API

Endpoint

Method	Path	Description
`POST`	`/lead.capture`	Primary — accepts lead form submissions
`POST`	`/lead`	Deprecated — backward compatible, emits `X-Deprecated` + `Sunset` headers
`POST`	`/`	Deprecated — backward compatible, emits `X-Deprecated` + `Sunset` headers

Migration notice: The catch-all lead handler has been replaced by the explicit /lead.capture route. The legacy /lead and / paths remain functional but will be removed after 2026-06-01. Update your integrations to use POST /lead.capture.

How It Works

Accepts POST requests with form data (JSON, application/x-www-form-urlencoded, multipart/form-data, or text/plain)
Extracts lead fields: name, email, phone, project, location, team
Enriches with geolocation data from Cloudflare headers
Looks up visitor's engagement score from tracking sessions
Calculates suspicion score (honeypot, time-to-submit, form velocity)
Finds related projects the visitor previously inquired about
Checks for bot leads (when BOT_LEAD_DETECTION is enabled)
Resolves canonical lead by identity + project (visitor_id > email > phone > IP)
Writes every submit into LeadSubmissions history table
Forwards the enriched payload to a Make.com webhook for new primary leads
Stores canonical lead in D1 Leads table
Returns a 301 redirect to a thank-you page

Expected Fields

Field	Description
`FIRSTNAME`	Lead's first name
`EMAIL`	Lead's email address
`PHONE`	Lead's phone number
`PROJECT`	Real estate project name
`LOCATION`	City/location
`TEAM`	Source team identifier
`DOMAIN`	Source website domain
`SOURCE`	Lead source (`WebSite`, `FB`, `99`)
`COUNTRYCODE`	Country dial code (preferred canonical key, e.g. `+91`)
`KEYWORD`	Marketing keyword
`USER_MESSAGE`	Optional message

Auto-injected by form.js

These fields are added automatically when using the dynamic form builder:

Field	Description
`__visitor_id`	Visitor ID from tracker.js (localStorage `_pg_vid`)
`__pg_hp`	Honeypot field value (should be empty for real users)
`__pg_tts`	Time-to-submit in seconds

Campaign parameters are also auto-injected as __gclid, __utm_source, __utm_medium, __utm_campaign, __utm_term, __utm_content, __fbclid, __msclkid.

Country Code Input Compatibility

Backend normalizes country code keys and always treats them as COUNTRYCODE.

Preferred key: COUNTRYCODE
Also accepted: countryCode, country_code

Response

On success, the handler returns a 301 redirect to {DOMAIN}/thank-you-{slug} (where {slug} is derived from the referring page path). For AJAX submissions, a JSON response with the redirect URL is returned.

Environment Variables

Variable	Description
`ENVIRONMENT`	`development` or `production`
`BOT_LEAD_DETECTION`	Enable/disable bot detection

When bot detection is enabled, bot-classified submissions are still stored in D1 for history and investigation; only CRM forwarding is suppressed.

Lead Capture API ​

Endpoint ​

How It Works ​

Expected Fields ​

Auto-injected by form.js ​

Country Code Input Compatibility ​

Response ​

Environment Variables ​