Leaks.ai API (1.0.0)
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

REST API for Leaks.ai - monitor credential exposures across your organization's domains. Access leaks, infected endpoints, compromised resources, and exposed users. All list endpoints support pagination and filtering. Authentication via API key.

Download OpenAPI description

openapi.json

openapi.yaml

Servers

Mock server

https://docs.leaks.ai/_mock/openapi

API base path

https://api.leaks.ai/api/v1

Domains

Monitored domains

Operations

Leaks

Credential leaks

Operations

List leaks

Request

Returns paginated leaks. Scope by domain(s) via domain_id. If omitted, returns leaks across all org domains.

Security

ApiKeyAuth

Query

domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890

pageinteger

Page number (1-based).

Default 1

per_pageinteger<= 100

Items per page (max 100).

Default 25

statusstring

Filter by status (repeatable)

Enum"new""investigating""resolved""false_positive"

risk_levelstring

Filter by risk level; comma-separated or repeated; case-insensitive (e.g. none,low,medium). To get only actionable leaks, use risk_level=low,medium,high

Example: risk_level=none,medium

loginstring

Search by login (substring)

passwordstring

Search by password (substring)

urlstring

Search by URL (substring)

url_portinteger

Filter by URL port (exact)

url_pathstring

Search by URL path (substring)

user_idstring(uuid)

Filter by user UUID

resource_idstring(uuid)

Filter by resource UUID

endpoint_idstring(uuid)

Filter by endpoint UUID

sortstring

Sort: prefix with - for desc. Allowed: risk_level, first_seen, added_at

Example: sort=-risk_level,added_at

curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/leaks?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890&page=1&per_page=25&status=new&risk_level=none%2Cmedium&login=string&password=string&url=string&url_port=0&url_path=string&user_id=497f6eca-6276-4993-bfeb-53cbbbba6f08&resource_id=497f6eca-6276-4993-bfeb-53cbbbba6f08&endpoint_id=497f6eca-6276-4993-bfeb-53cbbbba6f08&sort=-risk_level%2Cadded_at' \
  -H 'Authorization: Bearer <YOUR_API Key_HERE>'

Responses

Success

Bodyapplication/json

dataArray of objects(Leak)

paginationobject(Pagination)

Response

application/json

{
  "data": [
    { … }
  ],
  "pagination": {
    "page": 1,
    "per_page": 25,
    "total_pages": 4,
    "total_results": 92
  }
}

Count leaks

Request

Returns total count of leaks matching filters. Same query parameters as list (except page, per_page, sort).

Security

ApiKeyAuth

Query

domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890

statusstring

Enum"new""investigating""resolved""false_positive"

risk_levelstring

loginstring

passwordstring

urlstring

url_portinteger

url_pathstring

user_idstring(uuid)

resource_idstring(uuid)

endpoint_idstring(uuid)

curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/leaks/count?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890&status=new&risk_level=string&login=string&password=string&url=string&url_port=0&url_path=string&user_id=497f6eca-6276-4993-bfeb-53cbbbba6f08&resource_id=497f6eca-6276-4993-bfeb-53cbbbba6f08&endpoint_id=497f6eca-6276-4993-bfeb-53cbbbba6f08' \
  -H 'Authorization: Bearer <YOUR_API Key_HERE>'

Responses

Success

Bodyapplication/json

dataobject

Response

application/json

{
  "data": {
    "count": 92
  }
}

Get leak by ID

Request

Returns a single leak with connections (resources, users, endpoints).

Security

ApiKeyAuth

Path

leak_idstring(uuid)required

Query

domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890

curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/leaks/{leak_id}?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890' \
  -H 'Authorization: Bearer <YOUR_API Key_HERE>'

Responses

Success

Bodyapplication/json

dataobject(LeakWithConnections)

Response

application/json

{
  "data": {
    "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "risk_level": 5,
    "risk_level_name": "medium",
    "status": "new",
    "url": "https://example.com/login",
    "login": "user@example.com",
    "password": "***",
    "first_seen": "2025-12-05T00:00:00.000Z",
    "added_at": "2025-12-05T01:09:22.879Z",
    "connections": { … }
  }
}

Endpoints

Infected Endpoints associated with leaks

Operations

Resources

Resources (domains, IPs, APKs) associated with leaks

Operations

Users

Users represent leaks grouped by login (email or username).

Operations

Leaks.ai API (1.0.0)
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude

Domains

Leaks

List leaks

Request

Responses

Was this helpful?

Count leaks

Request

Responses

Was this helpful?

Get leak by ID

Request

Responses

Was this helpful?

Endpoints

Resources

Users

Leaks.ai API (1.0.0)CopyCopy for LLMCopy page as Markdown for LLMsView as MarkdownOpen this page as MarkdownOpen in ChatGPTGet insights from ChatGPTOpen in ClaudeGet insights from Claude

Domains

Leaks

List leaks

Request

Responses

Was this helpful?

Count leaks

Request

Responses

Was this helpful?

Get leak by ID

Request

Responses

Was this helpful?

Endpoints

Resources

Users

Leaks.ai API (1.0.0)
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude