Mint a signed URL, embed the iframe, receive submissions on your webhook. We never store your schemas or your data — your tenants own everything.
curl -X POST https://faas.example.com/api/public/v1/render-url \
-H "Authorization: Bearer wfb_live_•••" \
-H "Content-Type: application/json" \
-d '{
"form_ref": "contact-us",
"context": { "user_id": "u_42" }
}'
# → { "url": "https://faas.example.com/f/eyJ…",
# "jti": "eyJ…", "expires_at": "…" }Built for teams that don't want yet another data processor in their compliance scope.
Provision a tenant in the admin, allow-list your frame ancestors, and generate a scoped key.
POST /v1/render-url with a form ref and per-user context. We return a signed, short-lived URL.
form.submitted is delivered to your webhook with exponential retries. Payloads expire in 1h.