Why Leadping asks for it
External lead intake often crosses systems: a publisher form, a tracking layer, a buyer integration, a CRM, and then Leadping. TrustedForm helps keep that chain reviewable by preserving evidence about the opt-in event. That evidence is useful when your team needs to answer:- Which form or page produced this lead?
- What disclosure was shown?
- Which phone number or email address was submitted?
- Which seller, brand, product, source, or campaign was involved?
- Was the lead consistent with the source that posted it to Leadping?
Required field
Send the certificate URL intrustedFormUrl.
POST /leads payloads, place it under metadata:
POST /leads/intake payloads, send it as a top-level field:
trustedform.com.
Field placement
| Intake path | Field location |
|---|---|
POST /leads | metadata.trustedFormUrl |
POST /leads/intake | Top-level trustedFormUrl |
GET /leads/intake | Query-string parameter named TrustedFormUrl |
What the certificate should support
The certificate and related source records should show:- The consumer took an affirmative opt-in action.
- The sender or brand was visible.
- The phone number, email address, or contact method matches the submitted lead.
- The disclosure shown at opt-in matches the planned outreach.
- The channel is covered, such as SMS or calls.
- The source, publisher, landing page, or partner can be identified.
- The submission date, time, IP address, and user agent can be traced.
Intake validation
Leadping can reject or hold a lead when the TrustedForm URL is:- Missing
- Malformed
- Not hosted by
trustedform.com - Expired or unreachable
- Not connected to the submitted contact information
- Inconsistent with the approved source, campaign, or consent path
- Suspicious or tied to a disputed source
Common implementation problems
Common problems include:- Sending the field under the wrong name, such as
trusted_forminstead oftrustedFormUrl - Sending a screenshot URL instead of the TrustedForm certificate URL
- Sending the same certificate for multiple unrelated leads
- Sending a certificate from a different source, form, or publisher
- Submitting leads after certificates have expired or become unavailable
- Collecting consent that does not name the intended sender or channel
- Posting leads before the source is approved for production traffic

