Skip to main content

Use Breach Intel

Use the user/breached endpoint to make an API call and return user details

You can create an API request to retrieve as few or as many details as you need.

note

In the API requests below, “provider” does not appear in the request because it has already been configured in the Pangea Console. To configure a default provider, visit Select a provider as default.

Look up a breached user

To retrieve details about a user and check if their personal data has been breached, construct an API call with an email, phone_number, ip, or username. All other parameters are optional. Your API request might look like the example below:

For your app to communicate with the Pangea service, you must put the values of the following Configuration Details into the PANGEA_INTEL_TOKEN and PANGEA_DOMAIN environment variables:

  • token
  • domain

These Configuration Details are created when you enable User Intel and can be found in the Overview section under User Intel.

Set environment variables

To set each variable in bash:

export PANGEA_DOMAIN="yourServiceDomain"
export PANGEA_INTEL_TOKEN="yourAccessToken"
POST/v1/user/breached
curl -sSLX POST 'https://user-intel.'"$PANGEA_DOMAIN"'/v1/user/breached' \
-H 'Authorization: Bearer '"$PANGEA_INTEL_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"email":"test@example.com"}'

Look up a breached password

To find out if a password has been exposed in security breaches, provide a 5-character hash_prefix of the password and the hash_type. All other parameters are optional. Your API request might look like the example below:

POST/v1/user/breached
curl -sSLX POST 'https://user-intel.'"$PANGEA_DOMAIN"'/v1/password/breached' \
-H 'Authorization: Bearer '"$PANGEA_INTEL_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"hash_type":"sha256","hash_prefix":"5baa6"}'

Was this article helpful?

Contact us