Enzoic API - Developer Documentation
Visit our website
  • Enzoic Website
  • Getting Started
    • .NET Quick Start
    • Java Quick Start
    • JavaScript Quick Start
    • Ruby Quick Start
    • PHP Quick Start
    • Go Quick Start
    • Python Quick Start
  • Using the Enzoic API
  • Libraries
  • API reference
    • Passwords API
    • Credentials API
      • Hashed Credentials API
      • Cleartext Credentials API
        • Query Passwords for an Email Address
        • Query Passwords for a Domain
        • Query Passwords for a Partial Hash of an Email Address
      • Test Accounts
    • Exposures API
      • Get Exposures for an Email Address
      • Get Exposures for a Domain
      • Get Exposures for All Email Addresses in a Domain
      • Get Exposures by Date
      • Retrieve Details for an Exposure
    • Breach Monitoring API
      • Breach Monitoring by User
        • Add Breach Alert Subscriptions for Users
        • Remove Breach Alert Subscriptions for Users
        • Query Breach Alert Subscriptions for Users
      • Breach Monitoring by Domain
        • Add Breach Alert Subscriptions for Domains
        • Remove Breach Alert Subscriptions for Domains
        • Query Breach Alert Subscriptions for Domains
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Identity Breach Monitoring API
      • Monitoring Identities
        • Add Identities to Monitoring
        • Update Monitored Identities
        • Remove an Identity from Monitoring
        • Query Monitored Identities
      • Retrieving Identity Exposures
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • BIN Monitoring API
      • Monitoring BINs
        • Add Bank Identification Numbers to Monitoring
        • Remove Bank Identification Numbers from Monitoring
        • Query Monitored Bank Identification Numbers
      • Retrieving Exposed Payment Cards
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Payment Card Exposures API
      • Check a Card Number for Compromise
    • Account Status APIs
      • Account Status
      • Account Usage
    • Password Hash Algorithms
    • OpenAPI Specification
    • View OpenAPI Spec in Swagger UI
    • Postman Collection of API Examples
  • Password Strength Meter
    • Quick Start
    • Example
Powered by GitBook
On this page
  • 1. Get an API Key and Secret
  • 2. Install the Enzoic Library in Your Project
  • 3. Try Out Our Example Code
  • 4. Learn More

Was this helpful?

  1. Getting Started

JavaScript Quick Start

1. Get an API Key and Secret

If you haven’t already, sign up for a free trial.

2. Install the Enzoic Library in Your Project

Use Nuget to install the Enzoic package in your project:

npm install @enzoic/enzoic

3. Try Out Our Example Code

We’ve made calling the API dead simple. This sample code snippet shows you examples of calling the four supported APIs:

var Enzoic = require('enzoic');

// Create a new Enzoic instance - this is our primary interface for making API calls
var enzoic = new Enzoic(YOUR_API_KEY, YOUR_API_SECRET);

// Check whether a password has been compromised
enzoic.checkPassword('password-to-test', 
    (error, passwordCompromised) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else if (passwordCompromised === true) {
            console.log('Password is compromised');
        }
        else {
            console.log('Password is not compromised');
        }
    }
);

// Check whether a specific set of credentials are compromised
enzoic.checkCredentials('test@enzoic.com', 'password-to-test', 
    (error, credsCompromised) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else if (credsCompromised === true) {
            console.log('Credentials are compromised');
        }
        else {
            console.log('Credentials are not compromised');
        }
    }
);

// Enhanced version of checkCredentials offering more control over performance.
// The call introduces an options object parameter, which supports the following 
// settings:
//
// lastCheckDate: 
// The timestamp for the last check you performed for this user.
// If the date/time you provide for the last check is greater than the timestamp 
// Enzoic has for the last breach affecting this user, the check will not be 
// performed.  This can be used to substantially increase performance.
//
// excludeHashAlgorithms: 
// An array of PasswordTypes to ignore when calculating hashes for the credentials 
// check. By excluding computationally expensive PasswordTypes, such as BCrypt, it 
// is possible to balance the performance of this call against security.
//
enzoic.checkCredentialsEx('test@enzoic.com', 'password-to-test', 
    {
        lastCheckDate: new Date('2016-12-10T02:05:03.000Z'), 
        // see https://www.enzoic.com/docs-credentials-api/#PasswordHashType 
        excludeHashAlgorithms: [8, 11, 12] 
    },
    (error, credsCompromised) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else if (credsCompromised === true) {
            console.log('Credentials are compromised');
        }
        else {
            console.log('Credentials are not compromised');
        }
    }
);

// get all exposures for the given user
enzoic.getExposuresForUser('test@enzoic.com', 
    (error, result) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else {
            console.log(result.exposures.count + 
                ' exposures found for test@enzoic.com');
    
            // now get the full details for the first exposure returned in the list
            enzoic.getExposureDetails(result.exposures[0], 
                (error, exposureDetails) => {
                    if (error) {
                        console.log('Error calling API: ' + error);
                    }
                    else {
                        console.log('First exposure for test@enzoic.com was ' + 
                            exposureDetails.title);
                    }
                });
        }
    }
);

// get all exposures for a given domain - second parameter indicates whether to 
// include exposure details in results returns paged results per 
// https://www.enzoic.com/docs-exposures-api/#get-exposures-for-domain
enzoic.getExposuresForDomainEx('enzoic.com', true, 20, null,
    (error, result) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else {
            console.log(result.count + ' exposures found for enzoic.com');

            // print first page of results
            for (var i = 0; i < result.exposures.length; i++) {
                console.log('Exposure: ' + result.exposures.title + '\n');
            }

            // if pagingToken present, get next page of results
            if (result.pagingToken) {
                enzoic.getExposuresForDomainEx('enzoic.com', true, 20, 
                    result.pagingToken,
                    (error, secondPageResponse) => {
                        // process second page of results, etc.
                    });
            }
        }
    }
);

// get all users exposed for a given domain
// returns paged results per 
// https://www.enzoic.com/docs-exposures-api/#get-exposed-users-for-domain
enzoic.getExposedUsersForDomain('enzoic.com', 20, null, 
    (error, exposedUsers) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           // print first page of results
           for (var i = 0; i < exposedUsers.users.length; i++) {
               console.log('Exposed User: ' + exposedUsers.users[i].username + '\n');
           }
           
           // if pagingToken present, get next page of results
           if (exposedUsers.pagingToken) {
                enzoic.getExposedUsersForDomain('enzoic.com', 20, 
                    exposedUsers.pagingToken, 
                    (error, secondPageResponse) => {
                        // process second page of results, etc.
                    });   
           }
       }    
    }
);

// SHA256 hashes of a couple of email addresses
var arrUsernameSHA256Hashes = [
    'd56cdba2a920248f6487eb5a951013fcb9e4752a2ba5f1fa61ef8d235c44351e', 
    '006ddca2a920248f6487eb5a951013fcb9e4752a2ba5f1fa61ef8d235c44356e'
];

// subscribe for alerts for these users
enzoic.addUserAlertSubscriptions(arrUsernameSHA256Hashes, 
    (error, addResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           console.log('New subscriptions added: ' + addResponse.added + '\n' + 
                'Subscriptions already existing: ' + addResponse.alreadyExisted);
       }
    }
);

// delete subscriptions for these users
enzoic.deleteUserAlertSubscriptions(arrUsernameSHA256Hashes, 
    (error, deleteResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           console.log('Subscriptions deleted: ' + deleteResponse.deleted + '\n' + 
                'Subscriptions not found: ' + deleteResponse.notFound);
       }
    }
);

// check whether a user is already subscribed
enzoic.isUserSubscribedForAlerts(arrUsernameSHA256Hashes[0], 
    (error, subscribed) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else if (subscribed === true) {
           console.log('User already subscribed');
       }
       else {
           console.log('User not already subscribed');
       }    
    }
);

// get all users subscribed for alerts on this account 
// returns paged results per 
// https://www.enzoic.com/docs-exposure-alerts-service-api/#get-exposure-subscriptions
enzoic.getUserAlertSubscriptions(4 /* page size */, 
    null /* paging token - null on first call */, 
    (error, subscriptionsResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           // print first page of results
           for (var i = 0; i < subscriptionsResponse.usernameHashes.length; i++) {
               console.log('Username Hash: ' + 
                   subscriptionsResponse.usernameHashes[i] + '\n');
           }
           
           // if pagingToken present, get next page of results
           if (subscriptionsResponse.pagingToken) {
                enzoic.getUserAlertSubscriptions(4, 
                    subscriptionsResponse.pagingToken, 
                    function (error, secondPageResponse) {
                        // process second page of results, etc.
                    }
                );   
           }
       }    
    }
);

// test domains for alert subscriptions
var arrDomains = [
    'testdomain1.com', 
    'testdomain2.com' 
];

// subscribe for alerts for these domains
enzoic.addDomainAlertSubscriptions(arrDomains, 
    (error, addResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           console.log('New subscriptions added: ' + addResponse.added + '\n' + 
                'Subscriptions already existing: ' + addResponse.alreadyExisted);
       }
    }
);

// delete subscriptions for these domains
enzoic.deleteDomainAlertSubscriptions(arrDomains, 
    (error, deleteResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           console.log('Subscriptions deleted: ' + deleteResponse.deleted + '\n' + 
                'Subscriptions not found: ' + deleteResponse.notFound);
       }
    }
);

// check whether a domain is already subscribed
enzoic.isDomainSubscribedForAlerts(arrDomains[0], 
    (error, subscribed) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else if (subscribed === true) {
           console.log('Domain already subscribed');
       }
       else {
           console.log('Domain not already subscribed');
       }    
    }
);

// get all users subscribed for alerts on this account 
// returns pages results per 
// https://www.enzoic.com/docs-exposure-alerts-service-api/#get-exposure-subscriptions-domains
enzoic.getDomainAlertSubscriptions(4 /* page size */, 
    null /* paging token - null on first call */, 
    (error, subscriptionsResponse) => {
       if (error) {
           console.log('Error calling API: ' + error);
       } 
       else {
           // print first page of results
           for (var i = 0; i < subscriptionsResponse.domains.length; i++) {
               console.log('Domain: ' + subscriptionsResponse.domains[i] + '\n');
           }
           
           // if pagingToken present, get next page of results
           if (subscriptionsResponse.pagingToken) {
                enzoic.getDomainAlertSubscriptions(4, 
                    subscriptionsResponse.pagingToken, 
                    function (error, secondPageResponse) {
                        // process second page of results, etc.
                    }
                );   
           }
       }    
    }
);

// get all passwords Enzoic has for the specified user 
// returns results per https://www.enzoic.com/docs-raw-passwords-api
enzoic.getUserPasswords("eicar_0@enzoic.com",
    (error, userPasswordsResponse) => {
        if (error) {
            console.log('Error calling API: ' + error);
        }
        else {
            // print user passwords
            for (var i = 0; i < userPasswordsResponse.passwords.length; i++) {
                console.log('Password: ' + 
                    userPasswordsResponse.passwords[i].Password + '\n');
            }
        }
    }
); 

4. Learn More

That should get you started. Check out the GitHub project page for more details. Make sure you also review the Using the Enzoic API page.

PreviousJava Quick StartNextRuby Quick Start

Last updated 1 year ago

Was this helpful?