Public sales-leads endpoint

The marketing site’s contact form posts directly to this endpoint. It is the only public, anonymous write surface in the API — protected by Cloudflare Turnstile and rate-limited at the edge.

Request

POST https://api.reqdesk.support/api/v1/public/sales-leads
Content-Type: application/json

{
  "name": "Customer Name",
  "email": "customer@example.com",
  "company": "Acme Co.",
  "seats": "10–20",
  "message": "We are evaluating Reqdesk for a 12-agent help desk…",
  "locale": "en",
  "source": "contact-page",
  "turnstileToken": "<token from Turnstile widget>"
}

Field	Required	Notes
`name`	yes	Max 120 chars.
`email`	yes	Max 200 chars; validated as email.
`message`	yes	Max 2000 chars.
`company`	no	Max 120 chars.
`seats`	no	Free text — “10–20”, “100+”, “not sure”.
`locale`	no	`en` or `ar`. Default: `en`.
`source`	no	Free-text tag — defaults to `contact-page`.
`turnstileToken`	yes	Token issued by the Turnstile widget on the page.

Response

201 Created with a JSON:API document:

{
  "data": {
    "type": "sales-leads",
    "id": "8K3N7QXM",
    "attributes": {
      "referenceCode": "8K3N7QXM",
      "message": {
        "en": "Thanks — we'll reply within one business day.",
        "ar": "شكرًا — سنردّ خلال يوم عمل واحد."
      }
    }
  }
}

The id is the human-readable reference code (8 chars, Crockford base32) — never the underlying ticket id. Customers can quote the reference back when following up.

Errors

400 Bad Request if the payload fails validation (any required field missing, email invalid, message too long).

422 Unprocessable Entity if the Turnstile token fails verification — replay attacks, expired tokens, or incorrect site key.

429 Too Many Requests if the originating IP has exceeded the rate limit.