Abuse Prevention Config

Fetch the abuse prevention settings configured for a specific event type. Use this before rendering a booking form to determine whether CAPTCHA or honeypot fields are required.

Endpoint


GET /api/public/scheduling/{userSlug}/{eventSlug}/abuse-config

Authentication: None required

Path Parameters

Parameter	Type	Description
`userSlug`	`string`	The user’s unique URL slug
`eventSlug`	`string`	The event type’s URL slug

Response

Returns 200 OK with the abuse prevention configuration.


{
  "enableHoneypot": true,
  "enableCaptcha": true,
  "captchaProvider": "recaptcha",
  "captchaSiteKey": "6Le..."
}

Response Fields

Field	Type	Description
`enableHoneypot`	`boolean`	Whether the honeypot anti-spam field is enabled
`enableCaptcha`	`boolean`	Whether CAPTCHA verification is required
`captchaProvider`	`string \| null`	CAPTCHA provider: `recaptcha` or `hcaptcha`
`captchaSiteKey`	`string \| null`	Client-side site key for the CAPTCHA provider

Using Honeypot

When enableHoneypot is true, include a hidden form field in your booking form. The field should be invisible to real users but visible to bots:


<!-- Hidden honeypot field -->
<div style="position: absolute; left: -9999px;" aria-hidden="true">
  <input
    type="text"
    name="website"
    tabindex="-1"
    autocomplete="off"
    id="honeypot"
  />
</div>

When submitting the booking, include the honeypot value:


const booking = await createBooking({
  // ... other fields
  honeypotValue: document.getElementById('honeypot').value, // should be ""
});

Legitimate users won’t fill in the hidden field, so honeypotValue will be empty. If it contains any value, the booking will be rejected.

Using CAPTCHA

When enableCaptcha is true, render the appropriate CAPTCHA widget and include the token in the booking request.

reCAPTCHA


<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY"></div>


const token = grecaptcha.getResponse();
const booking = await createBooking({
  // ... other fields
  captchaToken: token,
});

hCaptcha


<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
<div class="h-captcha" data-sitekey="YOUR_SITE_KEY"></div>


const token = hcaptcha.getResponse();
const booking = await createBooking({
  // ... other fields
  captchaToken: token,
});

Errors

Status	Description
`404`	User or event type not found

Code Examples

cURL


curl https://app.proximity.io/api/public/scheduling/jane-doe/30min-call/abuse-config

JavaScript


const response = await fetch(
  'https://app.proximity.io/api/public/scheduling/jane-doe/30min-call/abuse-config'
);
const config = await response.json();
 
if (config.enableCaptcha) {
  console.log(`CAPTCHA required (${config.captchaProvider})`);
  console.log(`Site key: ${config.captchaSiteKey}`);
}