Skip to main content
POST
/
astp
/
urls
/
by_credential_hash
List URLs by Credential Hash
curl --request POST \
  --url https://api.flare.io/astp/urls/by_credential_hash \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "credential_hash": "<string>",
  "size": 123,
  "from": "<string>"
}
'
import requests

url = "https://api.flare.io/astp/urls/by_credential_hash"

payload = {
"credential_hash": "<string>",
"size": 123,
"from": "<string>"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({credential_hash: '<string>', size: 123, from: '<string>'})
};

fetch('https://api.flare.io/astp/urls/by_credential_hash', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.flare.io/astp/urls/by_credential_hash",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'credential_hash' => '<string>',
'size' => 123,
'from' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.flare.io/astp/urls/by_credential_hash"

payload := strings.NewReader("{\n \"credential_hash\": \"<string>\",\n \"size\": 123,\n \"from\": \"<string>\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.flare.io/astp/urls/by_credential_hash")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"credential_hash\": \"<string>\",\n \"size\": 123,\n \"from\": \"<string>\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.flare.io/astp/urls/by_credential_hash")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"credential_hash\": \"<string>\",\n \"size\": 123,\n \"from\": \"<string>\"\n}"

response = http.request(request)
puts response.read_body
{
    "items": [
        {
            "url": "https://login.example.com/signin",
            "domain": "login.example.com",
            "credential_hash": "43804850e72d054f3648660557330630"
        },
        {
            "url": "https://mail.example.com/",
            "domain": "mail.example.com",
            "credential_hash": "43804850e72d054f3648660557330630"
        }
    ],
    "next": "WyJtYWlsLmV4YW1wbGUuY29tIl0"
}
This endpoint requires access to Account & Session Takeover Prevention (ASTP). Please contact your Customer Success Manager for more details.
Returns the URLs where a leaked credential was seen being used, for a single credential hash. Credential hashes are returned in the credential_hash field of each credential from the Search Credentials endpoint. Each result contains the full url (including scheme and path), its host (domain), and the credential_hash it belongs to.
{
    "items": [
        {
            "url": "https://login.example.com/signin",
            "domain": "login.example.com",
            "credential_hash": "43804850e72d054f3648660557330630"
        },
        {
            "url": "https://mail.example.com/",
            "domain": "mail.example.com",
            "credential_hash": "43804850e72d054f3648660557330630"
        }
    ],
    "next": "WyJtYWlsLmV4YW1wbGUuY29tIl0"
}

Paging

This endpoint supports the Flare standard paging pattern . Use the next value from the response as the from value in the next request to fetch additional URLs.

Body Parameters

credential_hash
string
required
The credential hash to look up URLs for, as returned in the credential_hash field of a credential.
size
number
default:"100"
Maximum number of URLs to return (maximum 5000).
from
string
The next value from the last response.