When a signup, form or automation webhook fires in your stack, verify the address inline and branch on the result. The API is synchronous, so you get the verdict in the same request, with no callback to wait on.
Get your API key, free Read the docs 100 free credits, no card. Verify in real time inside your handler.# Your webhook handler (e.g. a new signup event) $body = json_decode(file_get_contents('php://input'), true); $email = $body['email'] ?? ''; $res = json_decode(file_get_contents( "https://api.emailverifierapi.com/v2/?apikey=KEY&email=" . urlencode($email)), true); if ($res['status'] === 'failed' || !empty($res['disposable'])) { http_response_code(200); // ack the webhook, reject the user block_signup($email); } else { create_account($email); // ✓ real address }
Wherever an email enters your system through a webhook, verify it before you act.
Your app fires a webhook on each new registration. The handler verifies the address and blocks fakes before the account is created.
Typeform, Webflow, Zapier or Make send a webhook on submission. A verify step routes good leads on and quarantines bad ones.
A new-lead webhook from your CRM triggers verification so junk never reaches your pipeline or your reps.
Best practices for the endpoint that receives the webhook and calls verification.
Validate the HMAC-SHA256 signature header the source sends, and reject anything that fails. Never trust an unsigned payload.
Accept webhooks over TLS exclusively so payloads and addresses are never sent in the clear.
Return a 2xx quickly so the source does not retry, then run verification and your business logic.
Webhooks can be delivered more than once. Key on an event ID so a retried delivery never double-processes a signup.
One clear status per address, plus disposable, role and catch-all flags.
| Status | Meaning | Typical webhook action |
|---|---|---|
| passed | Deliverable mailbox | Proceed (create account / sync lead) |
| failed | Invalid / bounces | Block and ask to re-enter |
| unknown | Catch-all domain | Flag as risky, allow with care |
| transient | Temporary server issue | Queue and retry later |
Webhook-driven verification, answered.
The verification API is synchronous, which is simpler than a webhook for most jobs: when a webhook fires somewhere in your stack (a new signup, a form submission, a Zapier or Make event), you call the API inside that handler and get the verdict back immediately, with no callback to wait for or signature to round-trip. You verify in real time, right where the event happens.
In your webhook handler, read the email from the incoming payload, send it to the Email Verifier API v2 endpoint, and branch on the returned status (passed, failed, unknown or transient) before you create the account, sync the lead, or send anything. It is typically a few lines of code, shown below in PHP and Node.js.
Verify the signature on the INCOMING webhook from its source (most providers send an HMAC-SHA256 signature header you should validate), accept only HTTPS, reject anything without a valid signature, and make your handler idempotent so retried deliveries do not double-process. Return a 2xx quickly, then do heavier work asynchronously if needed.
Yes. Any platform that can fire a webhook or call an HTTP endpoint can trigger verification: add a step that POSTs the email to the API and routes on the result. This is the standard way to add real verification to no-code form and automation tools.
A clear JSON response with a status (passed, failed, unknown, transient) plus flags for disposable, role and catch-all, so your webhook logic can accept, reject, flag or queue-and-retry each address.
Pay-as-you-go, one credit per verification, billed only for Passed and Failed results, credits never expire, and every new account starts with 100 free credits.
Grab an API key and drop a verify call into any handler. 100 free credits, no credit card.
Get your free API keyRelated: real-time API, signup form validation, API documentation.