Search for accounts using a known-compromised password

curl --request POST \ --url https://api.vantaprism.me/v1/search/password \ --header 'Content-Type: application/json' \ --header 'api-key: <api-key>' \ --data ' { "password": "Summer2024!", "limit": 25 } '

{ "data": [ { "stealer_id": "<string>", "victim_id": "<string>", "username": "<string>", "domain": "<string>", "url": "<string>", "infection_date": "2023-11-07T05:31:56Z" } ], "meta": { "request_id": "req_01HZXK3Q7N8YV6F3M2P9JABCDE", "took_ms": 42.7, "tier": "pro", "masked_fields": [ "password", "ip" ], "freshness_at": "2023-11-07T05:31:56Z" }, "nextCursor": "<string>" }

Authorizations

api-key

string

header

required

Static API key, format vp_<env>_<8-hex-prefix>.<40-hex-secret>. Preferred header for server-to-server integrations.

Body

application/json

password

string

required

Plaintext password to search for across stolen-credential records. Minimum 4 characters.

Required string length: 4 - 200

Example:

"Summer2024!"

start_date

string<date-time> | null

end_date

string<date-time> | null

sort_direction

enum<string>

default:desc

Sort order applied to inserted_at. Must stay constant across paginated requests using the same cursor.

Available options:

asc,

desc

cursor

string | null

limit

integer

default:25

Required range: 1 <= x <= 500

Response

Accounts using this password

data

object[]

required

Show child attributes