Use Breach Intel
Use the user/breached endpoint to make an API call and return user details
You can create an API request to retrieve as few or as many details as you need.
In the API requests below, “provider” does not appear in the request because it has already been configured in the Pangea Console. To configure a default provider, visit Select a provider as default.
Look up a breached user
To retrieve details about a user and check if their personal data has been breached, construct an API call with an email, phone_number, ip, or username. All other parameters are optional. Your API request might look like the example below:
For your app to communicate with the Pangea service, you must put the values of the following Configuration Details into the PANGEA_INTEL_TOKEN and PANGEA_DOMAIN environment variables:
token
domain
These Configuration Details are created when you enable User Intel and can be found in the Overview section under User Intel.
Set environment variables
To set each variable in bash:
export PANGEA_DOMAIN="yourServiceDomain"
export PANGEA_INTEL_TOKEN="yourAccessToken"
curl -sSLX POST 'https://user-intel.'"$PANGEA_DOMAIN"'/v1/user/breached' \
-H 'Authorization: Bearer '"$PANGEA_INTEL_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"email":"test@example.com"}'
Look up a breached password
To find out if a password has been exposed in security breaches, provide a 5-character hash_prefix of the password and the hash_type. All other parameters are optional. Your API request might look like the example below:
curl -sSLX POST 'https://user-intel.'"$PANGEA_DOMAIN"'/v1/password/breached' \
-H 'Authorization: Bearer '"$PANGEA_INTEL_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"hash_type":"sha256","hash_prefix":"5baa6"}'
Was this article helpful?