Have I been pwned

FREE
By troyhunt
Updated 5 months ago
Other
6.2/10
Popularity Score
169ms
Latency
-
Success Rate

Have I been pwned API Documentation

The "Have I been pwned?" service allows you to search for accounts (usernames and email addresses) that have appeared in data breaches that the attackers have made public.

View API Details
GETGet breached sites for account
GETGet breached sites for account

The most common use of the API is to return a list of all breaches a particular account has been involved in. The API takes a single parameter which is the account to be searched for. The account is not case sensitive and will be trimmed of leading or trailing white spaces. The account should always be URL encoded.

Header Parameters
X-RapidAPI-HostSTRING
REQUIRED
X-RapidAPI-KeySTRING
REQUIRED
Required Parameters
accountSTRING
REQUIREDThe username or email to be tested
Code Snippet
unirest.get("https://troyhunt-have-i-been-pwned.p.rapidapi.com/v2/breachedaccount/foo")
.header("X-RapidAPI-Host", "troyhunt-have-i-been-pwned.p.rapidapi.com")
.header("X-RapidAPI-Key", "SIGN-UP-FOR-KEY")
.end(function (result) {
  console.log(result.status, result.headers, result.body);
});
Sample Response
General
Request URL: https://troyhunt-have-i-been-pwned.p.rapidapi.com/v2/breachedaccount/{account}
Request Method: GET
Response Headers
Response Body

Install SDK for NodeJS

Installing

To utilize unirest for node.js install the the npm module:

$ npm install unirest

After installing the npm package you can now start simplifying requests like so:

var unirest = require('unirest');

Creating Request

unirest.get("https://troyhunt-have-i-been-pwned.p.rapidapi.com/v2/breachedaccount/foo")
.header("X-RapidAPI-Host", "troyhunt-have-i-been-pwned.p.rapidapi.com")
.header("X-RapidAPI-Key", "SIGN-UP-FOR-KEY")
.end(function (result) {
  console.log(result.status, result.headers, result.body);
});
OAuth2 Authentication
Client ID
Client Secret
OAuth2 Authentication