There is an example for this in your Sugar installation, the file SUGAR/examples/ExampleLeadCapture.php. You'll need to modify ../leadCapture.php as well, so that it has a valid user and user-hash (or password).
To do a simple test, you can modify the following line in leadCapture.php:
'cheeto' => array('name'=>'admin', 'pass'=>' 6958b4fa4bfc56342634184c21085543'),
Replace the "6958b4fa4bfc56342634184c21085543" with the hashed admin password from your MySQL database.
Posted in: Sugar CRM