Skip to content

Leaks.ai API (1.0.0)

REST API for Leaks.ai - monitor credential exposures across your organization's domains. Access leaks, infected endpoints, compromised resources, and exposed users. All list endpoints support pagination and filtering. Authentication via API key.

Download OpenAPI description
openapi.json
openapi.yaml
Languages
Servers
Mock server
https://docs.leaks.ai/_mock/openapi
API base path
https://api.leaks.ai/api/v1

Domains

Monitored domains

Operations

Leaks

Credential leaks

Operations

Endpoints

Infected Endpoints associated with leaks

Operations

Resources

Resources (domains, IPs, APKs) associated with leaks

Operations

List resources

Request

Returns paginated resources (domains, IPs, APKs) associated with leaks. Includes owned and third-party; Scope by domain(s).

Security
ApiKeyAuth
Query
domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890
pageinteger

Page number (1-based).

Default 1
per_pageinteger<= 100

Items per page (max 100).

Default 25
risk_levelstring
resourcestring

Search by resource name (substring)

is_internalstring

Filter by internal group (true/false)

Enum"true""false"
is_third_partystring

true = only third-party, false = only owned

Enum"true""false"
accessibilitystring

Filter by accessibility status

Enum"online""offline""unreachable"
typestring

Filter by type; comma-separated: domain, ip, apk

Example: type=domain,ip
sortstring

Sort: prefix - for desc. Allowed: risk_level

curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/resources?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890&page=1&per_page=25&risk_level=string&resource=string&is_internal=true&is_third_party=true&accessibility=online&type=domain%2Cip&sort=string' \
  -H 'Authorization: YOUR_API_KEY_HERE'

Responses

Success

Bodyapplication/json
dataArray of objects(Resource)
paginationobject(Pagination)
Response
application/json
{
  "data": [
    {}
  ],
  "pagination": {
    "page": 1,
    "per_page": 25,
    "total_pages": 1,
    "total_results": 18
  }
}

Count resources

Request

Security
ApiKeyAuth
Query
domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890
risk_levelstring
resourcestring
is_internalstring
Enum"true""false"
is_third_partystring
Enum"true""false"
accessibilitystring
Enum"online""offline""unreachable"
typestring
curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/resources/count?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890&risk_level=string&resource=string&is_internal=true&is_third_party=true&accessibility=online&type=string' \
  -H 'Authorization: YOUR_API_KEY_HERE'

Responses

Success

Bodyapplication/json
dataobject
Response
application/json
{
  "data": {
    "count": 18
  }
}

Get resource by ID

Request

Returns a single resource with connections (endpoints and users). Users in connections have risk_level not None.

Security
ApiKeyAuth
Path
resource_idstring(uuid)required
Query
domain_idstring(uuid)

Domain UUID(s) to scope the request. Comma-separated for multiple. If omitted, all non-archived domains of the organization are used.

Example: domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890
curl -i -X GET \
  'https://docs.leaks.ai/_mock/openapi/resources/{resource_id}?domain_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890' \
  -H 'Authorization: YOUR_API_KEY_HERE'

Responses

Success

Bodyapplication/json
dataobject(ResourceWithConnections)
Response
application/json
{
  "data": {
    "id": "e5f6a7b8-c9d0-1234-ef01-567890123456",
    "resource": "api.example.com",
    "type": "domain",
    "is_internal": false,
    "is_third_party": true,
    "risk_level": 3,
    "risk_level_name": "low",
    "accessibility": "online",
    "connections": {}
  }
}

Users

Users represent leaks grouped by login (email or username).

Operations