Introduction to Gordon CRM Forms
Welcome to Gordon CRM Forms! Our headless form infrastructure allows you to securely capture leads from any website or application without embedding clunky iframes.
We use a modern, "keyless" pipeline for websites, meaning you never have to expose secret API keys in your browser code.
Before you copy any embed codes, you must configure your form's security settings.
Step 1: Configure Allowed Domains (Required)
To protect your CRM from unauthorized spam, Gordon CRM strictly blocks form submissions from unrecognized websites.
- Navigate to your Form Details page in the Gordon CRM dashboard.
- Locate the Allowed Domains section.
- Enter the exact URL of the website where this form will live (e.g.,
https://yourwebsite.com).
✨ Pro Tip: If your Gordon CRM workspace has a verified sending email domain, we automatically populate this list for you!
⚠️ Security Warning: If your Allowed Domains list is empty, your form is in "Open Mode" and will accept submissions from anywhere on the internet. We highly recommend locking this down before going live.
Once your domain is whitelisted, choose your integration method based on your website implementation.