> ## Documentation Index
> Fetch the complete documentation index at: https://api.docs.flare.io/llms.txt
> Use this file to discover all available pages before exploring further.

# List by Password

<Warning>
  **DEPRECATED:** This endpoint should be replaced by
  [/astp/v2/credentials/\_search <Icon icon="code" size={16} />](/api-reference/astp/endpoints/post-credentials-search)
</Warning>

<Info>
  This endpoint requires access to Account & Session Takeover Prevention (ASTP).
  Please contact your Customer Success Manager for more details.
</Info>

This endpoint allow to search by passwords.
It will return a list of JSON objects containing identities that have been associated seen using this password.

Results are returned in ascending order by id.

<ResponseExample>
  ```json Response Example theme={null}
  [
    {
      "links": {},
      "name": "areqwt@gmail.com",
      "passwords": [
        {
          "credential_hash": "b3b09e44e625a30daa482e008f4dfe6f",
          "domain": "gmail.com",
          "extra": {},
          "hash": "password123",
          "hash_type": "unknown",
          "id": 4703,
          "imported_at": "2019-06-03T14:20:25.132662+00:00",
          "source": {
            "breached_at": "2019-01-07T21:59:00+00:00",
            "description": "In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum. The data contained almost 2.7 billion records including 773 million unique email addresses alongside passwords those addresses had used on other breached services.",
            "description_fr": "En janvier 2019, une grande collection de listes de bourrage d'identifiants (combinaisons d'adresses électroniques et de mots de passe utilisés pour prendre contrôle de comptes sur d'autres services) a été diffusée sur un forum de piratage populaire. Les données contenaient près de 2,7 milliards d'enregistrements, dont 773 millions d'adresses électroniques uniques aux côtés de mots de passe que ces adresses avaient utilisés sur d'autres services ayant subi des brèches de données.",
            "hash_description": "plaintext",
            "hash_type": "Plaintext",
            "id": "collection-1",
            "is_alerts_enabled": false,
            "leaked_at": "2019-01-07T21:59:00+00:00",
            "name": "Collection-1",
            "related_urls": [
              "https://example.com/leaks-source"
            ],
            "url": null
          },
          "source_id": "collection-1",
          "source_params": null
        }
      ]
    }
  ]
  ```
</ResponseExample>

## Path Parameters

<ParamField path="password" type="string" required />

## Query Parameters

<ParamField query="size" type="number">
  Maximum size of the JSON object that will be returned (maximum 10 000)
</ParamField>

<ParamField query="from" type="number">
  Id of the database entry you want to start from (excluding this id).
</ParamField>