Server Side Validation

  • Updated on Nov 24, 2025
  • 2 minute(s) read
Prev Next

This article will show you how to use server-side validation to validate form fields. This will allow you to call the endpoint once before submission and once before your workflow begins. You can use a Custom URL or a Hosted API to use in validation.

An example use case could be for validating an address within your desired state or postcode.

Set Up Validation

  1. Sign in to your site

  2. Navigate to the Forms The Process Automation home screen with the Forms menu option highlighted.

  3. Select the form you want to validate Select a Form to be validated after searching.

  4. Click the Developer Tools tab, and locate the Validation The Validation section of the Summary tab.

  5. Select Custom URL or Hosted API and add a custom URL or a hosted API endpoint to the form The Custom URL and Hosted API buttons highlighted in the Validation section.

    • Custom URLThe Custom URL button of the Validation section in Developer Tools.

      • URL: Provide the URL for the specific API endpoint that you want the form to validate against

      • Secret: Select an existing secret from the drop-down or add a new one

    • Hosted APIThe Hosted API button in the Validation section of the Developer Tools tab.

      • Hosted API: Select a previously created Hosted API from the list

      • Route: Choose an available route for the Hosted API

      • Secret: Select an existing secret from the drop-down or add a new one

  6. Click Save The teal Save button on the Developer Tools tab.

Example Validation

For an example of Server Side Validation, check out our GitHub.

Example Payload

{"formsAppId": 1,"formId": 1,"externalId": "external identifier","secret": "ssshhh","submissionId": "85fad0a4-b778-4aea-a6e7-671d84d58156","submissionTimestamp": "2018-01-01T00:00:00.000Z","jobId": "29e8138d-b28c-49da-b357-f4974adbf0a6","previousFormSubmissionApprovalId": "04dc6796-f593-47a6-ac21-5e00473d86a1","submission": {"First_Name": "Jane","Last_Name": "Smith"},"ipAddress": "86.124.75.76","keyId": "","user": {"userId": "81798353-7c7a-481b-89f2-8c5fb83209ca","providerType": "Google","providerUserId": "234891839120312839123","username": "jane@smith.io","email": "jane@smith.io","firstName": "Jane","lastName": "Smith","fullName": "Jane Smith","picture": "https://lh3.googleusercontent.com/a/AATXAJyQ6F_frDWNQguRuVrRmKKs22PYkXDTQlzgDRjp=s96-c"},"device": {"type": "BROWSER","appCodeName": "Mozilla","appName": "Netscape","appVersion": "5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36","cookieEnabled": true,"hardwareConcurrency": 12,"language": "en-GB","maxTouchPoints": 0,"platform": "MacIntel","userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36","vendor": "Google Inc.","webdriver": false}}

Note:

The first call prior to submission will not include the submission ID, Submission timestamp, secret, IP address, and device information.

Validation Fails

  • If the validation fails on the first call before the submission, the user will be shown a failure modal. This can be used to include an informative error message explaining why the form failed the validation. For example, "The address you are using is not within the expected Postcode." Whoops Failed to Fetch validation error message.

  • If the validation fails on the second call before the workflow, then an email will be sent to the notification email address configured for the app that the form is being submitted from.

  • If the validation succeeds, the form will be submitted as normal.

Related articles