Sutrena gives you forms, pages, analytics, webhooks, automations for every project — from one account. One API key replaces signing up for 3-4 services per project. Works from Claude Code, Cursor, LangGraph, CrewAI, or any HTTP client.

How do I get started with Sutrena?

POST /api/trial to get an instant API key — no signup required. Then POST /api/forms to create a hosted form, or POST /api/pages to deploy a page.

Does Sutrena support AI agents?

Yes. Sutrena includes 67 MCP tools for Claude Code, Cursor, and any MCP client. It also provides a full REST API, OpenAPI spec, llms.txt, and agent-optimized error messages.

How much does Sutrena cost?

Free: 10 projects, 100 submissions/form, 5K analytics events/mo, 20MB storage. Pro: $29/month for 100 projects, unlimited submissions, 500K events/mo, CSV export, upsert API. Scale: $99/month for unlimited everything.

Can I embed Sutrena forms on my website?

Yes. Use the 2-line embed snippet or build a custom HTML form that POSTs JSON to the submit URL. Works with Framer, Webflow, WordPress, and any HTML site.

What happens to my data after the trial expires?

Unclaimed trial data is deleted after 24 hours. Visit the claimUrl to sign in with GitHub or Google and keep your data permanently. Or upgrade to Pro or Scale.

Does Sutrena support webhooks?

Yes. Register webhook URLs to receive form submission events with HMAC-SHA256 signatures. Supports Slack and Discord payload templates, field mapping, and automatic retry with failure tracking.

Guides/How to prevent form spam

How to prevent form spam

Built-in rate limits. Unique constraints. No CAPTCHA.

Updated March 2026

Spam wrecks your data. Pollutes analytics, wastes storage, creates noise. Sutrena has several built-in defenses that do not need CAPTCHA or third-party services. uniqueBy constraints, maxSubmissions caps, closesAt deadlines, and per-IP rate limiting on the submit endpoint. Here is how to use them.

1. Use uniqueBy to prevent duplicates

Set uniqueBy on your form. Submissions with a duplicate value for that field get rejected with a 409. Most common use: one submission per email.

curl -X POST https://sutrena.com/api/forms \
  -H "Authorization: Bearer st_trial_abc123" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Waitlist",
    "fields": [
      { "name": "email", "label": "Email", "type": "email", "required": true },
      { "name": "name", "label": "Name", "type": "text" }
    ],
    "uniqueBy": "email"
  }'

# Duplicate submission returns:
# 409 Conflict
# { "error": "A submission with this email already exists" }

2. Set maxSubmissions to cap total entries

Limit how many submissions a form accepts. Once the cap hits, the form returns 410 Gone. Good for limited-slot events or early access.

curl -X POST https://sutrena.com/api/forms \
  -H "Authorization: Bearer st_trial_abc123" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Early Access - 100 Spots",
    "fields": [
      { "name": "email", "label": "Email", "type": "email", "required": true }
    ],
    "maxSubmissions": 100,
    "uniqueBy": "email"
  }'

# After 100 submissions:
# 410 Gone
# { "error": "This form has reached its submission limit" }

3. Use closesAt for time-limited forms

Set a deadline. After that time, the form stops accepting submissions. Combine with maxSubmissions for capped, time-limited entries.

curl -X POST https://sutrena.com/api/forms \
  -H "Authorization: Bearer st_trial_abc123" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Flash Survey",
    "fields": [
      { "name": "vote", "label": "Your choice", "type": "select",
        "options": ["Option A", "Option B", "Option C"], "required": true }
    ],
    "closesAt": "2026-03-10T23:59:59Z",
    "maxSubmissions": 500
  }'

# After the deadline:
# 410 Gone
# { "error": "This form is closed" }

4. Rely on built-in rate limiting

The submit endpoint has per-IP rate limiting. Nothing to configure. One IP sends too many requests, it gets a 429.

# Rate limiting is automatic. If a single IP sends too many
# requests in a short window:

# 429 Too Many Requests
# { "error": "Rate limit exceeded. Try again later." }

# Combine all protections for maximum security:
# - uniqueBy: "email"      (one per person)
# - maxSubmissions: 1000    (total cap)
# - closesAt: "2026-04-01"  (time deadline)
# - Built-in IP rate limit  (abuse prevention)

FAQ

Do I need to add a CAPTCHA?

Probably not. Per-IP rate limiting handles bots. uniqueBy handles repeated entries. Unless you have a specific threat model that needs CAPTCHA, most forms do not.

Can I change maxSubmissions after the form is created?

Yes. PATCH the form to update maxSubmissions, closesAt, or uniqueBy anytime. Existing submissions stay.

What happens to submissions after the form closes?

They stay. The form just stops accepting new ones. You can still query or export them via the API.

Can I whitelist specific IPs from rate limiting?

No. The rate limit is uniform. If you need to submit many entries programmatically (like importing data), use the authenticated API with your key -- it has higher limits.

Does uniqueBy work with fields other than email?

Yes. Set uniqueBy to any field name. uniqueBy: "phone" prevents duplicate phone numbers, for example.

Build a waitlist →Form API reference →Custom form fields →Spam prevention FAQ →

What is Sutrena?

Sutrena is the web runtime for AI agents. Forms, Pages, Analytics, Webhooks, Automations — all through 67 MCP tools and one REST API. Your agent creates web artifacts, humans interact with them, and your agent gets the data back. Use any one feature or all of them together.

Pages

Deploy HTML instantly

Forms

Collect structured data

Automations

DSL-based pipelines with 14 step types

Analytics

Privacy-first, no cookies

Webhooks

Slack, Discord, Telegram

Get started in two API calls

1. Get a trial key (no auth, no signup)

curl -X POST https://sutrena.com/api/trial

2. Create anything — a page, form, automation, or analytics site

# Create a form
curl -X POST https://sutrena.com/api/forms \
  -H "Authorization: Bearer st_trial_xxx" \
  -H "Content-Type: application/json" \
  -d '{"name": "waitlist", "fields": [{"name": "email", "label": "Email", "type": "email", "required": true}]}'

# Or deploy a page
curl -X POST https://sutrena.com/api/pages \
  -H "Authorization: Bearer st_trial_xxx" \
  -H "Content-Type: application/json" \
  -d '{"slug": "index", "title": "My Site", "html": "<h1>Live</h1>"}'

/llms.txt /api/schema /llms-full.txt /.well-known/mcp.json

Ready to build?

Get a trial API key instantly with no signup, or create an account for the full experience.

Start building Agent docs