> ## Documentation Index
> Fetch the complete documentation index at: https://api.docs.flare.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Intelligence Feeds

<Info>
  Access to this feature requires an addon.
  Please contact your Customer Success Manager for more details.
</Info>

Flare exposes Intelligence Feeds delivered via
[TAXII 2](https://oasis-open.github.io/cti-documentation/taxii/intro.html)
at `https://api.flare.io/taxii2/`.

## Available Feeds

| Feed                     | TAXII 2 ID                                   |
| ------------------------ | -------------------------------------------- |
| Full Feed (with context) | `d6092c37-d8d7-45c3-8aff-c4dc26030608`       |
| IPV4 Only                | `feed--689f0191-3b4d-47c8-9313-85820aae7c27` |
| Domains Only             | `feed--a2e7ea2d-ec01-4550-91e5-1316282d01a0` |
| URLs Only                | `feed--af0848cc-ae01-4937-93fe-5d9bf69ba3d2` |

Feed URLs can be constructed using:

* Format: `https://api.flare.io/taxii2/collections/<TAXII 2 ID >/`
* Example: `https://api.flare.io/taxii2/collections/d6092c37-d8d7-45c3-8aff-c4dc26030608/`

## Authentication

The intelligence feeds use HTTP Basic Auth, which most TAXII clients support:

* The username should be set to `api-key`.
* The password should be your Flare API Key.

Obtaining an API key is documented in the
[Authentication Guide <Icon icon="book" size={16} />](/concepts/authentication).

## Query Parameters

| Parameter Name | Description                                         | Example                                 |
| -------------- | --------------------------------------------------- | --------------------------------------- |
| added\_after   | filter the IOCs that were added after the timestamp | `?added_after=2026-02-04T12:05:00.000Z` |
| limit          | restricts the results by the specified amount       | `?limit=25`                             |

## Code Examples

Code examples for connecting to the feeds can be found in this Github repository:

* [https://github.com/Flared/ioc-feeds-example](https://github.com/Flared/ioc-feeds-example)

The following example uses `taxii2-client`, which is
[available on PyPI](https://pypi.org/project/taxii2-client/).

```python theme={null}
import datetime
import os

from taxii2client.v21 import Server
from taxii2client.v21 import as_pages


def main() -> None:
    server = Server(
        "https://api.flare.io/taxii2/",
        user="api-key",  # Do not change the user.
        password=os.environ["FLARE_API_KEY"],
    )

    print(server.title)

    api_root = server.api_roots[0]

    start_date: datetime.datetime = datetime.datetime.now() - datetime.timedelta(
        hours=2
    )

    # Iterate through the available collections and print new items
    for collection in api_root.collections:
        print(collection.title)

        # Pagination request.
        for envelope in as_pages(
            collection.get_objects,
            per_request=50,
            added_after=start_date,
        ):
            print(envelope)


if __name__ == "__main__":
    main()
```