Skip to main content

Documentation Index

Fetch the complete documentation index at: https://api.docs.flare.io/llms.txt

Use this file to discover all available pages before exploring further.

Access to this feature requires an addon. Please contact your Customer Success Manager for more details.
Flare exposes Intelligence Feeds delivered via TAXII 2 at https://api.flare.io/taxii2/.

Available Feeds

FeedTAXII 2 ID
Full Feed (with context)d6092c37-d8d7-45c3-8aff-c4dc26030608
IPV4 Onlyfeed--689f0191-3b4d-47c8-9313-85820aae7c27
Domains Onlyfeed--a2e7ea2d-ec01-4550-91e5-1316282d01a0
URLs Onlyfeed--af0848cc-ae01-4937-93fe-5d9bf69ba3d2
Feed URLs can be constructed using:
  • Format: https://api.flare.io/taxii2/collections/<TAXII 2 ID >/
  • Example: https://api.flare.io/taxii2/collections/d6092c37-d8d7-45c3-8aff-c4dc26030608/

Authentication

The intelligence feeds use HTTP Basic Auth, which most TAXII clients support:
  • The username should be set to api-key.
  • The password should be your Flare API Key.
Obtaining an API key is documented in the Authentication Guide .

Query Parameters

Parameter NameDescriptionExample
added_afterfilter the IOCs that were added after the timestamp?added_after=2026-02-04T12:05:00.000Z
limitrestricts the results by the specified amount?limit=25

Code Examples

Code examples for connecting to the feeds can be found in this Github repository: The following example uses taxii2-client, which is available on PyPI. 
import datetime
import os

from taxii2client.v21 import Server
from taxii2client.v21 import as_pages


def main() -> None:
    server = Server(
        "https://api.flare.io/taxii2/",
        user="api-key",  # Do not change the user.
        password=os.environ["FLARE_API_KEY"],
    )

    print(server.title)

    api_root = server.api_roots[0]

    start_date: datetime.datetime = datetime.datetime.now() - datetime.timedelta(
        hours=2
    )

    # Iterate through the available collections and print new items
    for collection in api_root.collections:
        print(collection.title)

        # Pagination request.
        for envelope in as_pages(
            collection.get_objects,
            per_request=50,
            added_after=start_date,
        ):
            print(envelope)


if __name__ == "__main__":
    main()