Signup email validation

Validate signup emails before bad accounts enter your app

Bad signup emails create support, fraud, and data-quality problems. Add Verifly to your signup flow to check mailbox validity, disposable domains, and risky addresses before accounts are created.

Validate in a signup flowAPI
const verify = await fetch(`https://verifly.email/api/v1/verify?email=${email}`, {
  headers: { Authorization: `Bearer ${process.env.VERIFLY_API_KEY}` }
})
const data = await verify.json()
if (data.result === 'undeliverable' || data.disposable) throw new Error('Use a valid email')

Real-time SMTP mailbox checks

Single, batch, and async bulk verification

Disposable, role account, and catch-all detection

Pay-as-you-go credits with no subscription lock-in

Search fit

Built for signup email validation searches

Use Verifly when you need a simple API, predictable pricing, and clean JSON results before emails hit your product, CRM, or campaign tool.

Validate emails in signup forms before account creation
Block disposable addresses from trials and free tiers
Protect CRM and lifecycle email data quality
Integrate quickly with Node, Python, Next.js, or server actions

A fake signup email costs you three times

When someone signs up with a dead or throwaway address, you pay for it more than once. First, the confirmation email hard-bounces, nudging your sending reputation down. Second, that account clogs your database and your metrics with a user who will never activate. Third, if it was a disposable address used to farm a free trial, you are giving away product to someone with no intention of converting. Format validation — the regex your form already runs — catches none of this.

Real-time signup validation means checking the mailbox at the moment of submission, not in a nightly cleanup. Verifly runs a live SMTP check inline and returns deliverable / undeliverable / risky plus a disposable flag fast enough to sit in the signup request. You reject the bad ones before the account row is created, so the problems above never start.

The policy is yours to tune: a strict SaaS trial might block undeliverable, disposable, and risky; a low-friction newsletter might block only undeliverable and let the rest through. Either way the decision happens in one call, before the user exists in your system.

Add a real-time gate to your signup handler

  1. Get a key at verifly.email/api/v1/autonomous/register (100 free credits, no card) and store it server-side.
  2. In your signup handler — before creating the user — call GET /verify with the submitted address.
  3. Reject undeliverable addresses outright and disposable ones if you are protecting a paid trial.
  4. Decide your stance on risky / catch-all: block for a strict product, allow for a low-friction list.
  5. Only create the account when the verdict passes your policy, and surface a clear "please use a valid email" message otherwise.
Server-side signup gate (Node)
async function validateSignup(email) {
  const res = await fetch(
    `https://verifly.email/api/v1/verify?email=${encodeURIComponent(email)}`,
    { headers: { Authorization: `Bearer ${process.env.VERIFLY_API_KEY}` } }
  )
  const { result, disposable } = await res.json()

  // strict policy for a paid trial
  if (result === 'undeliverable' || disposable) {
    return { ok: false, reason: 'Please use a valid, non-disposable email' }
  }
  return { ok: true, result }
}
// call validateSignup(email) BEFORE inserting the user

FAQ

Frequently asked questions

Isn't a regex or format check enough for signups?

No. A regex confirms the address is shaped like an email; it cannot tell you the mailbox exists or is disposable. A live SMTP check catches dead and throwaway addresses that pass format validation.

Is real-time verification fast enough for a signup form?

Yes. A single GET /verify returns quickly enough to run inline in the signup request, so you can block bad addresses before the account is created rather than in a later cleanup.

Should I block risky and catch-all addresses at signup?

It depends on friction tolerance. A strict paid product can block undeliverable, disposable, and risky; a low-friction newsletter might block only undeliverable to avoid rejecting real users on catch-all domains.

Does this stop free-trial abuse?

It helps. The disposable flag identifies temporary-inbox domains commonly used to farm trials, so blocking disposable at signup removes a large share of throwaway accounts.

Where should the API key live?

Server-side only — in an environment variable read by your signup handler, never in client code, so it cannot be extracted from the browser.

What does per-signup validation cost?

One credit per address, pay-as-you-go from $2 down to $0.60 per 1,000, with credits that never expire — inexpensive enough to check every signup.