Lead intake that captures every request, from every source
Forms, landing pages, API, publishers and AI agents come together in one structured intake in your platform, with provenance and consent captured from the very first moment. Under your own brand, without building it yourself.
The intake is the gateway to your entire lead operation. Everything that comes in here determines the quality of what rolls out the other end: whether your buyer receives a clean, auditable request, or a messy record with no provenance. OXIAE is the operating system for lead generators, and that is why it treats this gateway as a serious part of the infrastructure, not as a simple inbox: ready to use, so you do not have to build it yourself.
The idea is simple but strict: whether a request comes from your own form, streams in via a publisher API or is delivered by an AI agent, every request follows exactly the same route. Provenance is captured, consent is linked, fields are validated and duplicate requests are filtered out. Only then does a lead flow on, normalised, to verification, matching and payout within your operation. On this page you will read exactly how to connect a source as an operator, which data the platform captures and how deduplication works.
Sources that connect seamlessly
Whether a request comes from a form, a partner or an AI agent, everything lands in the same structured intake.
Forms
Requests from your own forms arrive structured right away, with field validation and provenance, under your own brand.
Landing pages
Every landing page, yours or your publishers’, delivers into the same intake, regardless of brand, domain or campaign.
API & webhooks
Connect external systems in real time through a clear API and receive requests without an intermediate step.
Publishers
Deliveries from your publishers and partners are recognised per source and assigned cleanly.
Call tracking
Phone requests slot seamlessly into the same flow as digital leads.
AI agents
Autonomous agents from the AI Agent Network deliver into the same intake through a structured, secure interface.
How to connect a source
Connecting a new source does not require a complicated migration project. Pick the method that suits your operation: every route delivers into the same structured intake.
Form embed
Place the form on your site with a single line of script, under your own brand. Fields, validation and provenance are already built in; you only choose the campaign and the label.
Landing page
Use a hosted landing page under your own brand and domain. Requests flow straight through, including UTM parameters and the recorded consent text.
API key + webhook
Generate an API key and configure your webhook endpoint. External systems deliver in real time and immediately receive a normalised response with lead ID and status.
Publisher portal
Give your publishers access to the portal. Every delivery is linked to their partner ID, so provenance, volume and quality stay traceable per supplier.
What happens on arrival
Every request automatically goes through the same steps, so your data is clean and auditable from second one.
Provenance captured
Source, channel and partner are registered immediately on arrival.
Consent recorded
Consent is linked to the request and stored in an auditable way.
Validation & deduplication
Fields are validated and duplicate requests are filtered out straight away.
Normalisation
Data is made uniform, so every lead shares the same structure.
What is provenance?
Provenance is the full story behind a request: not just who the applicant is, but where the request comes from, by which route and under what consent. Without that story, a lead is just a row of contact details, and in a regulated market that is not enough.
OXIAE captures provenance at the moment of arrival, not after the fact. That means for every request you can demonstrate where it came from, which publisher delivered it and what consent the applicant gave. This makes billing, quality control and compliance, including the audit trail for GDPR, traceable down to the level of a single lead.
-
Source
Which system or integration delivered the request: form, API, publisher or agent.
-
Channel
The medium the request arrived through, for example web, telephony or a partner integration.
-
Partner ID
The unique supplier behind the request, so every delivery stays traceable and billable.
-
Campaign
The specific campaign or offer the applicant responded to.
-
UTM parameters
Source, medium, campaign, term and content are stored separately for accurate attribution.
-
IP & timestamp
The moment of arrival and the IP address, as proof of the actual delivery moment.
-
Consent reference
The reference to the recorded consent: text, timestamp and the way it was given.
Deduplication, explained
The same applicant often comes in more than once, through two campaigns, two publishers or simply the same form twice. The platform recognises that overlap before the lead flows on.
For every incoming request, the intake computes a set of normalised keys and compares them with requests from a configurable time window, for example the past 30 days. If a key matches an earlier lead within that window, the platform flags the new request as a duplicate. Outside the time window, the same applicant counts again as a new, valid lead. You set the rules yourself.
Email address
Normalised to lowercase, with plus aliases and spaces removed.
Phone number
Converted to E.164 format, so local and international notations are recognised as equal.
Postcode + house number
Combined as a secondary key to find the same applicant behind different address notations.
What happens to a duplicate? It is not thrown away. The request is kept, linked to the original lead and flagged with is_duplicate: true plus a reference to the first record. That way you keep the complete delivery overview, useful for publisher reporting and disputes, while the buyer receives and pays for the same request only once. You decide whether a duplicate may be paid out again, is blocked, or is only logged as evidence.
From payload to normalised lead
Below you see an example of an incoming webhook payload and how that same request looks after intake, cleaned up and enriched with consent and provenance fields.
POST /v1/intake (incoming webhook payload)
{
"first_name": "Sanne",
"last_name": "de Vries",
"email": "Sanne.deVries+web@example.com",
"phone": "06 12 34 56 78",
"postcode": "1011 AB",
"house_no": "12",
"consent": {
"given": true,
"text": "I consent to being called about this offer.",
"ts": "2026-03-12T09:41:07+01:00"
},
"utm": { "source": "google", "medium": "cpc", "campaign": "solar-panels-q1" },
"partner_id": "pub_8842",
"campaign": "solar-panels-quote"
}
--> normalised lead schema (after intake)
{
"lead_id": "ld_01HF9Q2K7M",
"status": "accepted",
"contact": {
"first_name": "Sanne",
"last_name": "de Vries",
"email": "sanne.devries@example.com",
"phone": "+31612345678",
"postcode": "1011AB",
"house_no": "12"
},
"consent": {
"given": true,
"text": "I consent to being called about this offer.",
"captured_at": "2026-03-12T09:41:07+01:00",
"reference": "cns_4f7a91"
},
"provenance": {
"source": "publisher",
"channel": "web",
"partner_id": "pub_8842",
"campaign": "solar-panels-quote",
"utm": { "source": "google", "medium": "cpc", "campaign": "solar-panels-q1" },
"ip": "145.97.x.x",
"received": "2026-03-12T09:41:08+01:00"
},
"dedupe": { "is_duplicate": false, "matched_lead_id": null }
} Why intake at OXIAE makes the difference
A good intake is more than receiving data. It determines whether the rest of your operation (verification, matching and payout) can rest on a clean, auditable foundation, or runs into mess every day. And you get it ready to use, not as a build project.
One structured flow
Every source comes together in the same intake, with no loose exports or fragmented data to build yourself.
Auditable from the start
Provenance and consent are captured from the very first moment and always traceable: GDPR compliant.
Ready for matching
Normalised, verified requests flow cleanly through to distribution and routing within your operation.
Frequently asked questions about intake
The questions we get most often about connecting sources, provenance and deduplication.
How quickly can I connect a new source?
A form embed or hosted landing page goes live within minutes under your own brand. An API integration with a webhook endpoint is usually working within one business day, depending on your own system. The publisher portal is available immediately once you invite a publisher.
Which fields are required for a request?
The minimum set is a contact detail (email or phone) plus recorded consent. Beyond that the platform validates whatever you deliver. If required provenance or consent is missing, the request is rejected with a clear error message, so no incomplete lead flows through.
What exactly does OXIAE capture as provenance?
For every request the platform stores source, channel, partner ID, campaign, the individual UTM parameters, the IP address with timestamp and a reference to the recorded consent. Together these form the traceable context behind the lead: the basis of your audit trail.
How does deduplication work exactly?
The platform computes normalised keys on email address, phone number (E.164) and the combination of postcode plus house number. If a key matches an earlier lead within the time window you configure, the request is flagged as a duplicate and linked to the original.
What happens to a duplicate?
A duplicate is not deleted, but kept and linked to the original lead with a reference and the is_duplicate flag. You decide whether it may be paid out again, is blocked, or is only logged as evidence for reporting and disputes.
Can AI agents deliver through the same intake?
Yes. Autonomous agents from the AI Agent Network deliver through the same structured, secure API as any other source, with the same validation, provenance capture and deduplication. There is no separate, less controlled route for machine deliveries.
One clean inflow
What a structured intake delivers
Read more
- Verification & consentHow provenance and consent are checked and recorded after intake.
- Matching & routingWhere clean, normalised requests flow to: the right buyer.
- IntegrationsConnect forms, APIs, call tracking and your CRM to the same intake.
- Consent & provenanceThe compliance principles behind every recorded request.
Capture every request cleanly
Book a demo and see in a live walkthrough how one structured intake delivers provenance, consent and deduplication as standard: white-label, in your platform.