yorkyy for developers
Capture submissions from anywhere on the web, deliver them in real time via email, Telegram, or signed webhooks. Three integration paths, one API.
Pick an integration
No code. Drop a yorkyy-hosted form on any page.
For non-technical users with marketing sites, landing pages, blogs.
HTML forms, React, mobile, server. Bring your own UI.
For developers integrating yorkyy with existing forms or custom UIs.
Build forms in our UI, read submissions programmatically.
For teams using yorkyy's form builder who also need API access to data.
Common tasks
- Quickstart — get to a first submission in 5 minutes
- Send an HTML form to yorkyy by changing one attribute
- Embed a yorkyy form on your site with one line of HTML
- Use the
yorkyynpm package from Node, Bun, Deno, or the browser - Receive submissions as signed HTTP POSTs and verify them
- Lock down endpoints with origin allowlists, HMAC signing, and Turnstile
Concepts
Two things produce submissions in yorkyy:
- Forms — created in the yorkyy dashboard with a schema (fields, validation, theme). Rendered at
yorkyy.com/f/. Can be embedded as iframes.<publicId> - Endpoints — bare ingestion URLs. No schema; capture whatever fields the request sends. Use these when you already have a form somewhere (your own HTML page, a React component, a mobile app) and just want yorkyy to receive its submissions.
Both feed into the same notification fanout: every submission is routed to your configured channels(email, Telegram, signed webhooks). Channel logic doesn't care whether a submission came from a form or an endpoint.
Authentication overview
- Endpoint URLs are public — anyone can POST to them. Lock them down with origin allowlists, HMAC signing, or Turnstile depending on threat model. See security.
- REST API requires a bearer API key. Create keys at dashboard / API keys.
- Webhook deliveries are signed with HMAC SHA-256 — verify them server-side. See webhooks.