Key verification

Key verification authenticates your key before calling the comment‑check, submit‑spam, or submit‑ham methods for the first time. This is the first call that you should make to Akismet and is especially useful if you will have multiple users with their own Akismet subscriptions using your application.

Note that you do not need to call this method before every call to comment‑check, submit‑spam, or submit‑ham; you should only make this request to confirm that an API key is valid before storing it locally.

This method is called via a POST request to the following URL:

https://rest.akismet.com/1.1/verify-key

Required POST parameters

api_key
Your Akismet API key. You can find this on your account dashboard at https://akismet.com/account/

blog
The front page or home URL of the instance making the request. For a blog, site, or wiki this would be the front page. Note: Must be a full URI, including http://.

PHP example

// Call to verify key function
akismet_verify_key('123YourAPIKey', 'http://www.yourblogdomainname.com/');

// Authenticates your Akismet API key
function akismet_verify_key( $key, $blog ) {
    $blog = urlencode($blog);
    $request = 'api_key='. $key .'&blog='. $blog;
    $host = $http_host = 'rest.akismet.com';
    $path = '/1.1/verify-key';
    $port = 443;
    $akismet_ua = "WordPress/4.4.1 | Akismet/3.1.7";
    $content_length = strlen( $request );
    $http_request  = "POST $path HTTP/1.0\r\n";
    $http_request .= "Host: $host\r\n";
    $http_request .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $http_request .= "Content-Length: {$content_length}\r\n";
    $http_request .= "User-Agent: {$akismet_ua}\r\n";
    $http_request .= "\r\n";
    $http_request .= $request;

    $response = '';
    
    if( false != ( $fs = @fsockopen( 'ssl://' . $http_host, $port, $errno, $errstr, 10 ) ) ) { 
        fwrite( $fs, $http_request );

        while( !feof( $fs ) ) {
            $response .= fgets( $fs, 1160 ); // One TCP-IP packet
        }
    
        fclose( $fs );

        $response = explode( "\r\n\r\n", $response, 2 );
    }
 
    if ( 'valid' == $response[1] ) {
        return true;
    } else {
        return false;
    }
}

Success response example

The call returns valid if the key is valid.

Array (
    [0] => HTTP/1.1 200 OK
           Server: nginx
           Date: Mon, 24 Feb 2014 16:31:55 GMT
           Content-Type: text/plain; charset=utf-8
           Connection: close
           Content-length: 5
    [1] => valid
)

Error response example

If the verify‑key call returns “invalid”, it usually includes an extra HTTP header with some debug information about what exactly was invalid about the call.

Array (
    [0] => HTTP/1.1 200 OK
           Server: nginx
           Date: Mon, 24 Feb 2014 16:34:54 GMT
           Content-Type: text/plain; charset=utf-8
           Connection: close
           X-akismet-debug-help: We were unable to parse your blog URI
           Content-length: 7
    [1] => invalid
)

We’re here to help

If you ever get stuck or need help troubleshooting something, please don’t hesitate to contact us.