Email Address Verification
It is also possible to perform email address verification without relying on the widget system. This process is independent of the widget and requires a server-side email verification implementation. As a result, there is no need to load a widget if you only want to check the validity of email addresses.
By verifying email addresses with our API, you can ensure that only qualified users gain access to your services while ensuring secure delivery of your emails to their inboxes. With this verification, you can easily deny access or block users with temporary email addresses. This feature guarantees that they always enter the correct email address, which protects your mail server's reputation and saves you money.
Verifying email addresses works in the same way as the captcha solution, only the endpoint is different (/emailverify). Again, to avoid exposing your secret key, you should only do this on your server.
You will need your secret key. This can be generated automatically when you add a project to your dashboard or by using an existing project.
To ensure that this is a valid email address that can receive emails, you will verify the email address with the API endpoint. You will also ensure that it is not a disposable email address.
To verify email addresses, make a POST request to
https://www.zencaptcha.com/captcha/emailverify
with the following parameters:
| Post Parameter | Description |
|---|---|
| secret | Your secret key (simply add a project to your dashboard or use an existing project) |
Optional: User email address. Alternatively, you can obfuscate the first part before the @ symbol (john@example.com -> xxx@example.com), or simply specify the domain name of the email address (for maximum privacy: example.com). |
Do not use a GET request to call /emailverify (or it will fail)
curl exampleβ
Change john@example.com and YOUR-SECRET-KEY with your values:
curl https://www.zencaptcha.com/captcha/emailverify
-X POST
-H "Content-Type: application/x-www-form-urlencoded"
-d 'email=john@example.com&secret=YOUR-SECRET-KEY'
Summary of the POST request responseβ
| Response Key | Description |
|---|---|
| success | true means that the email address is valid and it is not a disposable or temporary email address. false means that it is an invalid or disposable / temporary email address. Use emailvalid to find out more. |
| emailvalid | "valid_email" means that it is valid. (Ideally, you should only check that it is "valid_email"). "invalid_email" means that it is an invalid email address or that it would not be possible to deliver emails to this email address. "disposable_email" means that it is a disposable or temporary email address. "upgrade_plan" means that you need to be on a paid plan to use this feature or that. "none" means that the email address was not checked (probably no email address send for verification) |
Examples: PHP / Node / Python / Rubyβ
- PHP
- Node
- Python
- Ruby
$email = $_POST['email'];
$secret = "YOUR-SECRET-KEY"; //never share your key
$data = array(
"secret" => $secret,
"email" => $email, //email address of the user
);
$options = array(
"http" => array(
"header" => "Content-type: application/x-www-form-urlencoded",
"method" => "POST",
"content" => http_build_query($data),
),
);
$context = stream_context_create($options);
$verify = file_get_contents("https://www.zencaptcha.com/captcha/emailverify", false, $context);
$email_success = json_decode($verify);
if ($email_success->success==false) {
#invalid email address (don't trust the user)
#email_success["emailvalid"] -check if "invalid_email" or "disposable_email". Ideally it should only be "valid_email"
exit();
}
else{
//valid email address - continue with your code
}
const https = require('https');
const querystring = require('querystring');
const postData = querystring.stringify({
'secret': 'YOUR-SECRET',
'email': 'USER-EMAIL-ADDRESS' //email address of the user
});
const options = {
hostname: 'www.zencaptcha.com',
path: '/captcha/emailverify',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': postData.length
}
};
const req = https.request(options, (res) => {
console.log(`statusCode: ${res.statusCode}`);
let data = '';
res.on('data', (chunk) => {
data += chunk;
});
res.on('end', () => {
const result = JSON.parse(data);
if (result.success) {
console.log('Verification successful! '+ result.message);
} else {
#invalid email address (don't trust the user)
#email_success["emailvalid"] -check if "invalid_email" or "disposable_email" - Ideally it should only be "valid_email"
console.log('Verification failed. '+ result.emailvalid);
return;
//do not continue
}
});
});
req.on('error', (error) => {
console.error(error);
});
req.write(postData);
req.end();
import requests
import json
email = request.getParameter("email")
secret = "YOUR-SECRET-KEY" #never share your key
data = {
"secret": secret,
"email": email
}
url = "https://www.zencaptcha.com/captcha/emailverify"
response = requests.post(url, data=data)
verify = response.text
email_success = json.loads(verify)
if not email_success["success"]:
#invalid email address (don't trust the user)
#email_success["emailvalid"] #check if "invalid_email" or "disposable_email" - Ideally it should only be "valid_email"
return
else:
#valid email address - continue with your code
require 'net/http'
require 'json'
email = get_parameter("email")
secret = "YOUR-SECRET-KEY" #never share your key
data = {
"secret" => secret,
"email" => email
}
url = URI("https://www.zencaptcha.com/captcha/emailverify")
http = Net::HTTP.new(url.host, url.port)
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/x-www-form-urlencoded"
request.body = URI.encode_www_form(data)
response = http.request(request)
verify = response.read_body
email_success = JSON.parse(verify)
if not email_success["success"]
#invalid email address (don't trust the user)
#email_success["emailvalid"] #check if "invalid_email" or "disposable_email" - Ideally it should only be "valid_email"
return
else
#valid email address - continue with your code
end