Enzoic API - Developer Documentation
Visit our website
  • Enzoic Website
  • Getting Started
    • .NET Quick Start
    • Java Quick Start
    • JavaScript Quick Start
    • Ruby Quick Start
    • PHP Quick Start
    • Go Quick Start
    • Python Quick Start
  • Using the Enzoic API
  • Libraries
  • API reference
    • Passwords API
    • Credentials API
      • Hashed Credentials API
      • Cleartext Credentials API
        • Query Passwords for an Email Address
        • Query Passwords for a Domain
        • Query Passwords for a Partial Hash of an Email Address
      • Test Accounts
    • Exposures API
      • Get Exposures for an Email Address
      • Get Exposures for a Domain
      • Get Exposures for All Email Addresses in a Domain
      • Get Exposures by Date
      • Retrieve Details for an Exposure
    • Breach Monitoring API
      • Breach Monitoring by User
        • Add Breach Alert Subscriptions for Users
        • Remove Breach Alert Subscriptions for Users
        • Query Breach Alert Subscriptions for Users
      • Breach Monitoring by Domain
        • Add Breach Alert Subscriptions for Domains
        • Remove Breach Alert Subscriptions for Domains
        • Query Breach Alert Subscriptions for Domains
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Identity Breach Monitoring API
      • Monitoring Identities
        • Add Identities to Monitoring
        • Update Monitored Identities
        • Remove an Identity from Monitoring
        • Query Monitored Identities
      • Retrieving Identity Exposures
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • BIN Monitoring API
      • Monitoring BINs
        • Add Bank Identification Numbers to Monitoring
        • Remove Bank Identification Numbers from Monitoring
        • Query Monitored Bank Identification Numbers
      • Retrieving Exposed Payment Cards
      • Webhooks
        • Managing Webhooks
          • Register a Webhook
          • Update a Webhook
          • Delete a Webhook
          • Query Registered Webhooks
        • Webhook Test API
    • Payment Card Exposures API
      • Check a Card Number for Compromise
    • Account Status APIs
      • Account Status
      • Account Usage
    • Password Hash Algorithms
    • OpenAPI Specification
    • View OpenAPI Spec in Swagger UI
    • Postman Collection of API Examples
  • Password Strength Meter
    • Quick Start
    • Example
Powered by GitBook
On this page
  • 1. Get an API Key and Secret
  • 2. Install the Enzoic Library in Your Project
  • 3. Try Out Our Example Code
  • 4. Learn More

Was this helpful?

  1. Getting Started

PHP Quick Start

PreviousRuby Quick StartNextGo Quick Start

Last updated 2 years ago

Was this helpful?

1. Get an API Key and Secret

If you haven’t already, .

2. Install the Enzoic Library in Your Project

Use Nuget to install the Enzoic package in your project:

composer require enzoic/enzoic

3. Try Out Our Example Code

We’ve made calling the API dead simple. This sample code snippet shows you examples of calling the four supported APIs:

<?php

use Enzoic\Enzoic;
use Enzoic\PasswordType;

// Create a new Enzoic instance - this is our primary interface for making API calls
$enzoic = new Enzoic(YOUR_API_KEY, YOUR_API_SECRET);

// Check whether a password has been compromised
// see https://www.enzoic.com/docs-passwords-api/ for more information
$passwordCompromised = $enzoic->checkPassword('password-to-test'); 

if ($passwordCompromised === true) {
    echo 'Password is compromised';
}
else {
    echo 'Password is not compromised';
}

// Check whether a specific set of credentials are compromised
// see https://www.enzoic.com/docs-credentials-api/ for more information
$credentialsCompromised = $enzoic->checkCredentials('test@enzoic.com', 
    'password-to-test'); 

 if ($credentialsCompromised === true) {
    echo 'Credentials are compromised';
}
else {
    echo 'Credentials are not compromised';
}

// checkCredentials has optional parameters offering more control over performance.
//
// lastCheckDate: 
// A DateTime containing the timestamp of the last credentials check you performed 
// for this user.  If the date/time you provide for the last check is greater than 
// the timestamp Enzoic has for the last breach affecting this user, the check will 
// not be performed.  This can be used to substantially increase performance 
// after the initial call.
//
// excludeHashAlgorithms: 
// An array of PasswordTypes to ignore when calculating hashes for the credentials 
// check.  By excluding computationally expensive PasswordTypes, such as BCrypt, it 
// is possible to balance the performance of this call against security.
//

// should be set to the last time you checked credentials for this user for 
// performance
$dateOfLastCredentialsCheck = new DateTime('2020-07-01T02:05:03.000Z');

// let's exclude BCrypt and PHPBB3 
$excludeHashAlgorithms = [ PasswordType::BCrypt, PasswordType::PHPBB3 ];

$credentialsCompromised = $enzoic->checkCredentials('test@enzoic.com', 
    'password-to-test', $dateOfLastCredentialsCheck, $excludeHashAlgorithms);
    
if ($credentialsCompromised === true) {
    echo 'Credentials are compromised';
}
else {
    echo 'Credentials are not compromised';
}

// get all exposures for the given user
// see https://www.enzoic.com/docs-exposures-api/#get-exposures for more information
$userExposures = $enzoic->getExposuresForUser('eicar_1@enzoic.com');

echo count($userExposures).' exposures found for eicar_1@enzoic.com';
    
// now get the full details for the first exposure returned in the list
// see https://www.enzoic.com/docs-exposures-api/#get-exposure-details for more 
// information
$exposureDetails = $enzoic->getExposureDetails($userExposures[0]);

echo 'First exposure for test@enzoic.com was '.$exposureDetails->{'title'};

// get all passwords for a given user - requires special approval, contact Enzoic 
// sales, see https://www.enzoic.com/docs-raw-passwords-api/ for more information
$userPasswords = $enzoic->getPasswordsForUser("eicar_0@enzoic.com");
echo "First password for eicar_0@enzoic.com was "
    .$userPasswords->{'passwords'}[0]->{'password'};

?>

4. Learn More

That should get you started. Check out the for more details. Make sure you also review the page.

sign up for a free trial
GitHub project page
Using the Enzoic API