Last modified: 2014-08-13 21:07:38 UTC
Currently, there is a checkbox called wpIgnoreAntiSpoof on the user interface which allows those with the override-antispoof right to turn off antispoof for an account creation.
This checkbox is not exposed in the API directly, although it can still be used by defining wpIgnoreAntiSpoof as one of the POST parameters to the API createaccount call. Doing this generates an API warning stating the parameter is unrecognised, but the request still succeeds where it would normally fail.
This does not feel like a reliable method of using this functionality, as it is undocumented and likely accidental. This functionality should be exposed to the API as a documented parameter.