Retrieving Identity Exposures

Pull past exposures of user identities

The following API endpoint allows you to retrieve historical exposures for a given identity, using your API key. This can be used in complementary fashion with the monitoring APIs to both monitor for new exposures of a given identity, after pulling the past exposures. Note that you will need to have Identity Breach Monitoring added to your subscription before you can call this API.

PreviousQuery Monitored Identities NextWebhooks

Last updated 7 months ago

Was this helpful?

Pull historical exposures for a specific identity

Allows you to pull historical exposure details for an individual identity. The identity can include elements such as name, physical address, phone numbers, government IDs, email addresses, credit cards, etc.

post

/identity-exposures

Authorizations

Body

firstNamestringrequired

Legal first name

Example: John

lastNamestringrequired

Legal last name

Example: Doe

countrystringrequired

The ISO 3166-1 alpha 2 country code for the individual

Example: US

address1string

Physical street address

Example: 1234 Main St

address2string

Physical address line 2

Example: Suite 100

citystring

Physical address city

Example: New York

provincestring

Physical address province/state (2 letter abbreviation for US states)

Example: NY

postalCodestring

Physical address postal code (5-digit ZIP code in US)

Example: 12345

emailsstring[]

An array of email addresses associated with this identity

creditCardsstring[]

An array of payment card numbers associated with this identity

cryptocurrencyWalletsstring[]

An array of cryptocurrency wallet addresses

urlsstring[]

An array of URLs associated with this identity. The URL scheme must be included and can be http, https, ftp, ftps, smtp or smtps. URLs are partial match from the beginning of the value, so if https://www.enzoic.com/some/page was found in a breach and https://www.enzoic.com was the URL being monitored, this would be considered a match.

ip4Addressesstring[]

An array of IPv4 addresses to monitor

ip6Addressesstring[]

An array of IPv6 addresses to monitor

governmentIDobject

A national identifier for this individual (e.g. Social Security Number in the US)

phoneNumbersobject[]

An array of phone numbers associated with this identity

secondaryMatchItemsobject[]

An array of secondary items to match. Secondary matches occur after an identity is matched using the core PII provided above (name, government ID, etc.). If an identity is matched using the core PII, Enzoic looks within close proximity to it for secondary matches that should be flagged as well. Secondary match information can include anything relatively unique to the user and not already covered in one of the core PII categories, e.g. financial account numbers, localty card numbers, a US Employer Identification Number (EIN), passport number, etc.

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.enzoic.com/v1/identity-exposures' \
  --header 'Authorization: Basic username:password' \
  --header 'Content-Type: application/json' \
  --data '{"firstName":"John","lastName":"Doe","country":"US","address1":"1234 Main St","address2":"Suite 100","city":"New York","province":"NY","postalCode":12345,"emails":["test@enzoic.com"],"creditCards":["4111-1111-1111-1111"],"cryptocurrencyWallets":["34xp4vRoCGJym3xR7yCVPFHoCNxv4Twseo"],"urls":["https://www.enzoic.com"],"ip4Addresses":["134.88.23.1"],"ip6Addresses":["2001:0db8:85a3:0000:0000:8a2e:0370:7334"],"governmentID":{"country":"US","value":"123-12-1234"},"phoneNumbers":[{"value":"text"}],"secondaryMatchItems":[{"description":"Bank of America Checking Account","value":90082323215}]}'

200

{
  "matches": [
    {
      "exposureID": "text",
      "rawMatchSource": "Jimmy Dean\n2121 Cherrybrook Dr, Suite 200 Heisenberg, CO 12345\nSSN 232-44-3432\nMobile: (555) 323-4423\njimmy@nowhere.com\nVisa 4111111111111111 03/28 444\nBTC Wallet 0xb794f5ea0ba39494ce839613fffba74279579268 (1.0233 balance)\nEIN: 12-3123122\nWells Fargo Checking - Account #900000001\n",
      "matchedItems": {
        "foundValue": "4111-1111-1111-1111",
        "queriedValue": 4111111111111111
      }
    }
  ]
}

The response body contains the requested results.