splitforms.com
guide · form types

Signup Form in HTML — Working Code with Validation

Email, password, password-confirm, terms checkbox. Native validation handles required + format; 5 lines of JS handle the password match. POSTs to splitforms (free 500/month).

html
<form action="https://splitforms.com/api/submit" method="POST">
  <input type="hidden" name="access_key" value="YOUR_ACCESS_KEY" />
  <input type="hidden" name="_subject"   value="New signup" />

  <label>Email<input name="email" type="email" required autocomplete="email" /></label>
  <label>Password<input name="password" type="password" required minlength="8"
                       autocomplete="new-password" /></label>
  <label>Confirm password<input name="password_confirm" type="password" required minlength="8"
                                autocomplete="new-password" /></label>

  <label>
    <input type="checkbox" name="agree_terms" required />
    I agree to the <a href="/terms">terms</a> and <a href="/privacy">privacy policy</a>
  </label>

  <input type="checkbox" name="botcheck" style="display:none" tabindex="-1" />
  <button type="submit">Sign up</button>
</form>

<script>
  const f = document.querySelector("form");
  const p = f.querySelector("[name=password]");
  const c = f.querySelector("[name=password_confirm]");
  c.addEventListener("input", () => {
    c.setCustomValidity(c.value === p.value ? "" : "Passwords don't match");
  });
</script>

A signup form is a registration form's shorter sibling — typically just email + password + terms, without the full name field. Same mechanics, fewer fields. For lead-gen signups (newsletter, waitlist, beta access), even simpler — just email + agree.

The form above uses all the right autofill attributes. `autocomplete="email"` triggers email autofill on every browser. `autocomplete="new-password"` tells password managers to generate and save a new password (not autofill an existing one). Skip these and password managers misbehave.

The terms checkbox uses `required` so the browser blocks submission until checked. Browsers display 'You must accept the terms' inline — no custom JavaScript validation needed. This is the kind of small detail that converts: don't write a JS handler for what HTML already does.

The form POSTs to splitforms. For real account creation, configure a webhook in the splitforms dashboard pointing at your auth provider's signup endpoint (Supabase, Clerk, Auth0, your own /api/register). The webhook fires on every signup; your auth provider creates the user.

How to set this up

Step 01

Email + password + terms

Minimum viable signup. Each field gets required + correct type + autocomplete.

Step 02

Password match in 5 lines of JS

setCustomValidity on the confirm field. Browser handles the rendering.

Step 03

POST to splitforms

The submission lands in the dashboard and can email your inbox. On Starter and above, a webhook can also fire to your auth provider.

Step 04

(For real accounts) Webhook to your auth provider

Configure a webhook in splitforms pointing at Supabase / Clerk / your /api/register. User created automatically on every signup.

Email + password + terms checkbox. Five JS lines for password match. Done.

Frequently asked questions

What's the difference between signup and registration form?

In practice, nothing — they're synonyms. 'Signup' is more common in product/marketing contexts; 'registration' is more common in formal/enterprise contexts. The HTML is the same.

Do I need a username field?

No, for most signups. Email serves as the unique identifier. Add a username only if your product has a public profile (social, marketplace) where users need a handle.

How do I require a strong password in HTML?

Use `minlength="8"` and `pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}"` for upper/lower/digit. Or skip client-side rules and rely on your auth provider's password strength check after submission.

Should I use autocomplete="new-password" or "current-password"?

new-password for signup forms — tells password managers to generate a fresh password. current-password for login forms — tells them to autofill the existing one. Both inputs in a signup form use new-password.

How do I verify the email after signup?

Use a webhook from splitforms to your auth provider. The auth provider sends a verification email with a token; user clicks the link; account activates. splitforms doesn't do email verification itself — that's your auth provider's job.

Related guides

Ship the form, not the backend.

Free for 500 submissions/month. Owner email delivery, AI spam filtering, and a real dashboard are included on Free. Starter adds signed webhooks. No credit card.

Get a free access key →