Use this guide to connect an external website to your petition so visitors can sign directly from your own site.
The Petition API lets you:
accept signatures from external websites
show live signature count on your own website
keep full control over access and visibility
You need:
A petition you own
A personal API token with create permission
The domain name(s) of the external website(s) that will send signatures
Go to:
Dashboard -> Create petition or Dashboard -> Edit petition
Open:
Advanced settings: API and visibility
In this section you can:
Enable API submissions
Add allowed domains (one per line)
Hide a petition from public pages
Turn on:
Enable API submissions
This allows external websites to submit signatures through the API.
In Allowed domains, add one hostname per line, for example:
example.com forms.example.org localhost 127.0.0.1:8000Important:
use hostname only
port is optional (for local dev, e.g. 127.0.0.1:8000)
do not include https://
do not include /path
Requests from domains not in this list will be rejected.
Go to:
Profile -> API Tokens
Direct path:
/user/api-tokens
Create a token with at least:
create permission
Store the token securely. It is shown only once.
Use this endpoint:
POST /api/v1/petitions/{petition-slug}/signatures
Required headers:
Authorization: Bearer YOUR_TOKEN
Origin: https://your-allowed-domain.example
Content-Type: application/json
Body example:
{ "full_name": "Jane Doe", "email": "jane@example.org", "accept_terms": true, "show_name_public": false, "comment": "I support this campaign." }Success response:
202 Accepted
Use this endpoint:
GET /api/v1/petitions/{petition-slug}/signature-count
This endpoint returns verified signatures only.
API signatures must still be verified by email.
That means:
signature is stored immediately
signer receives verification email
signature count increases only after verification
If you enable:
Hide this petition from public pages
Then the petition is removed from:
homepage petition lists
topic pages
search
sitemap
And direct public page access returns 404.
API submission and signature count can still work if API is enabled and domains are configured.
Cause: request domain does not match allowed domains.
Fix:
check Origin header in request
add correct hostname to allowed domains
Cause: token does not include create.
Fix:
create new token with create permission
Cause: API submissions are disabled for the petition.
Fix:
enable API submissions in petition settings
Cause: same email already signed this petition.
Fix:
do not submit duplicate emails for same petition
Cause: missing or invalid fields.
Fix:
send valid full_name, email, and accept_terms=true
Submit signature:
curl -X POST "https://forbrukermakt.no/api/v1/petitions/my-petition/signatures" \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Origin: https://forms.example.org" \ -H "Content-Type: application/json" \ -d '{ "full_name":"Jane Doe", "email":"jane@example.org", "accept_terms":true }'Get count:
curl "https://forbrukermakt.no/api/v1/petitions/my-petition/signature-count"Yes. Add each hostname on its own line.
Yes. Enable Hide this petition from public pages and keep Enable API submissions turned on.
No. Current API supports signature submission and signature count only.
Because signature count includes verified signatures only.