Developer Portal AUTHENTICATION
Back to Dashboard

Developer Authentication

The breach.rip API uses a standard header-based authentication protocol. All requests must be authenticated using your unique API key found in your account dashboard. Never expose your API key in client-side code.

Request Header
Send your key via the x-api-key custom header.
x-api-key: YOUR_PRIVATE_KEY
Base URL
All endpoints are relative to the production base URL.
https://breach.rip/api/v1
Global cURL Example
Shell / cURL
# Test your connection and authentication
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: BR_LIVE_9283..." \
  -H "Content-Type: application/json" \
  -d '{"query": "admin@breach.rip", "type": "breaches"}'

Integration Guide

Learn how to seamlessly integrate breach.rip intelligence into your own security tools, web applications, or automated threat hunting pipelines.

Backend Implementation (Node.js)
Javascript / Node.js
const axios = require('axios');

async function lookupBreach(query) {
  const response = await axios.post('https://breach.rip/api/v1/search', {
    query: query,
    type: 'breaches'
  }, {
    headers: { 'x-api-key': process.env.BREACH_API_KEY }
  });

  return response.data.results;
}
Security Best Practices
  • Environment Variables: Always store your API key in secure environment variables (e.g., .env files).
  • Proxy Requests: Always call the breach.rip API from your backend server. Do not call it from the browser (Frontend) to avoid key theft.
  • Caching: Consider caching results for 24 hours to optimize credit usage for repeated queries.
  • Error Handling: Implement robust retry logic for rate limits (HTTP 429).

Billing & Rate Limits

Our API is designed for high-performance security operations. Credit deduction only occurs on successful data retrieval.

Credit Logic
Each successful lookup costs exactly 1 credit. Failed lookups or "No Results Found" queries cost 0 credits.
Rate Limits
Standard Limit: 20 Requests / Minute.
If exceeded, a 5-minute block is automatically applied.

Breaches Search

Query over 15 billion records from 3,000+ historical data breaches. This endpoint provides deep exposure analysis including emails, usernames, and associated metadata.

cURL Command
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"test@example.com","type":"breaches"}'
Response Schema
{ "success": true, "results": [ { "source": "breach.rip", "email": "target@email.com", "password": "hashed_or_plain", "database": "Original_Leak_Name" } ] }

Stealer Logs

Access intelligence from modern malware infections (RedLine, Raccoon, Vidar). This endpoint extracts compromised credentials, system info, and browser session data.

cURL Command
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"target_username","type":"stealer"}'

Email to Socials

Determine which social media platforms an email is registered on. Includes 2FA status and masked phone number hints for account recovery analysis.

cURL Command
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"target@email.com","type":"socials"}'
Response Insight
{ "success": true, "results": [{ "Instagram": { "exists": true, "twoFA": true, "data": ["(***) ***-**15"] } }] }

Passwords

Query directly against our massive password dictionary and dehashed database.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"example@gmail.com","type":"passwords"}'
Response Object
JSON RESPONSE
{ "success": true, "results": [ { "source": "breach.rip", "Password": "123456" } ] }

Domains

Perform reconnaissance on target domains to extract linked subdomains and infrastructure details.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"example.com","type":"domains"}'

Discord ID

Resolve Discord Snowflakes (IDs) to extract historical usernames, avatar hashes, and linked accounts.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"123456789012345678","type":"discord id"}'

Roblox

Extract deep account information for Roblox users, including historical data.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"target_username","type":"roblox"}'

Telegram

Investigate Telegram usernames or IDs to find linked phone numbers or historical aliases.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"target_user","type":"telegram"}'

IP Geolocation

Retrieve highly accurate geolocation data, ISP info, and ASN details for any IPv4/IPv6 address.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"8.8.8.8","type":"ip geolocation"}'

Phone Lookup

Cross-reference international phone numbers against telecommunication breaches and public records.

Execute Request
JSON BODY
curl -X POST "https://breach.rip/api/v1/search" \
  -H "x-api-key: YOUR_KEY" \
  -d '{"query":"+1234567890","type":"phone lookup"}'