--- outline: deep --- # Geting Started Cap is a library designed for safeguarding against spam and abuse by utilizing a PoW mechanism using both an open-source client-side widget that you can seamlessly integrate with your website and a server-side verification process which typically involves only a few lines of code. ## Adding the Cap widget Cap is built to be straightforward and requires no API tokens for setup. Start by importing the Cap library from JSDelivr: ```html ``` Next, add the `` component to your HTML. ```html ``` **Note:** You'll need to start a server with the Cap API running at the same URL as specified in the `data-api-endpoint` attribute. Then, in your JavaScript, listen for the `solve` event to capture the token when generated: ```js const widget = document.querySelector("#cap"); widget.addEventListener("solve", function (e) { const token = e.detail.token; // Handle the token as needed }); ``` Alternatively, you can use `onsolve=""` directly within the widget or wrap the widget in a `
` (where Cap will automatically submit the token alongside other form data). ## Server-Side Validation Once you have the token, verify it server-side with a simple POST request: ```http POST /validate Content-Type: application/json { "token": "xxxxxxxxxxxxxxxx:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" } ``` The server response will confirm the validity and immediately invalidate the token: ```json { "success": true } ```