Enzoic API - Developer Documentation
Visit our website
  • Enzoic Website
  • Getting Started
    • .NET Quick Start
    • Java Quick Start
    • JavaScript Quick Start
    • Ruby Quick Start
    • PHP Quick Start
    • Go Quick Start
    • Python Quick Start
  • Using the Enzoic API
  • Libraries
  • API reference
    • Passwords API
    • Credentials API
      • Hashed Credentials API
      • Cleartext Credentials API
        • Query Passwords for an Email Address
        • Query Passwords for a Domain
        • Query Passwords for a Partial Hash of an Email Address
      • Test Accounts
    • Exposures API
      • Get Exposures for an Email Address
      • Get Exposures for a Domain
      • Get Exposures for All Email Addresses in a Domain
      • Get Exposures by Date
      • Retrieve Details for an Exposure
    • Breach Monitoring API
      • Breach Monitoring by User
        • Add Breach Alert Subscriptions for Users
        • Remove Breach Alert Subscriptions for Users
        • Query Breach Alert Subscriptions for Users
      • Breach Monitoring by Domain
        • Add Breach Alert Subscriptions for Domains
        • Remove Breach Alert Subscriptions for Domains
        • Query Breach Alert Subscriptions for Domains
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Identity Breach Monitoring API
      • Monitoring Identities
        • Add Identities to Monitoring
        • Update Monitored Identities
        • Remove an Identity from Monitoring
        • Query Monitored Identities
      • Retrieving Identity Exposures
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • BIN Monitoring API
      • Monitoring BINs
        • Add Bank Identification Numbers to Monitoring
        • Remove Bank Identification Numbers from Monitoring
        • Query Monitored Bank Identification Numbers
      • Retrieving Exposed Payment Cards
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Payment Card Exposures API
      • Check a Card Number for Compromise
    • Account Status APIs
      • Account Status
      • Account Usage
    • Password Hash Algorithms
    • OpenAPI Specification
    • View OpenAPI Spec in Swagger UI
    • Postman Collection of API Examples
  • Password Strength Meter
    • Quick Start
    • Example
Powered by GitBook
On this page

Was this helpful?

Getting Started

Next.NET Quick Start

Last updated 3 months ago

Was this helpful?

Enzoic has a series of simple hosted REST APIs which allow you to harness the power of our massive database of compromised credentials and accounts for integration into your application or website.

While any of our APIs are callable directly, by far the easiest way to get started using Enzoic is to use one of our rich suite of that you can use within your applications. We offer a series of Quick Start tutorials for each.

You can download a Postman collection with a set of example API calls

The full OpenAPI spec for the Enzoic API is available for , or you can .

Enzoic consists of the following:

Lookup whether a given password exists in our database of compromised passwords.

Typical Use Case:

Integration into account signup forms and password change forms to alert users if they enter a known compromised password in order to ensure users aren’t using exposed passwords that cybercriminals routinely include in password cracking dictionaries.

Securely lookup whether a given username/password combination exists in our database of compromised account credentials.

Typical Use Case:

As users log into a website or application, their credentials are checked against this API and, if compromised, the login can be blocked and redirected into a password reset flow. This prevents cybercriminals from logging in using stolen credentials.

Securely lookup all the compromised passwords Enzoic has for a given user. The passwords are returned in cleartext, if available, or in the raw hash format that was recovered.

Typical Use Case:

A user’s credentials are periodically checked offline to determine if they are compromised. Note: This API is extremely sensitive and restricted to organizations that pass extensive vetting. Please if you believe you have an appropriate use case for this API.

Lookup what exposures a given email address or domain has been involved in.

Typical Use Case:

Periodic scans across your user base can determine if one of your users has been involved in any new exposures. If so, a notification can be sent to the user and potentially a password reset required.

Unless otherwise noted, all APIs are implemented as REST web services with JSON responses.

Allows you to register email addresses (or domain) so that you will be notified when a new exposure of that address occurs. Notification occurs via a POST to a webhook URL you specify.

Typical Use Case:

Proactive notification about whether your users are involved in a new exposure provides a way to enrich your threat intelligence and allow immediate notification the moment a new exposure is found.

Allows you to register an individual's identity by submitting relevant personally identifiable information (PII) and financial data for monitoring. You will be notified when a new exposure of any portion of that PII occurs. Notification occurs via a POST to a webhook URL you specify.

Typical Use Case:

Proactive notification about whether your users' identities are involved in a new exposure provides a way to prevent fraud, identity theft and exploitation.

Allows you to register your financial institution's Bank Identification Numbers (BINs) for monitoring. You will be notified when a new exposure of any credit card associated with one of the monitored BINs occurs. Notification occurs via a POST to a webhook URL you specify.

Typical Use Case:

Prevent fraudulent usage of your institution's issued credit cards by intercepting the exposure of a stolen number the moment it is shared online. Newly found numbers will typically be posted to you within seconds of being recovered by Enzoic.

The easiest way to use Enzoic. We have libraries available for most major development languages. If you don’t see the one you’re looking for, give us a shout. We’ll be happy to add it for you!

A JavaScript library which allows you to easily replace the password strength meter on your website’s signup form or password change form with one that leverages the Passwords API.

Register for a free .

libraries
here
download
view the OpenAPI spec using the Swagger UI
Passwords API
Credentials API
Cleartext Credentials API
contact sales
Exposures API
Breach Monitoring API
Identity Breach Monitoring API
BIN Monitoring API
Libraries
Password Strength Meter
API Key