Have I Been Pwned
  • 26 Mar 2025
  • 1 Minute to read
  • Dark
    Light

Have I Been Pwned

  • Dark
    Light

Article summary

Have I Been Pwned (HIBP) API is a cybersecurity service that allows users and organizations to check whether their email addresses, usernames, or passwords have been exposed in known data breaches. For detailed information refer to the Have I Been Pwned official documentation.

Integration Method: API

Tables: Detection Finding (2004)

This integration supports the following type of events.

Event

Description

Detection Finding

Detect possible breaches in the account.

This integration supports the following versions.

Have I Been Pwned API version

v3.0

Note:

Have I Been Pwned doesn’t follow a traditional versioning system.

Prerequisites

  • The user should have access to the HIBP portal with a subscription.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate an API token after logging in to Have I Been Pwned console.

  2. Add the Have I Been Pwned data feed integration in the DataBee console with the required API token.

    DataBee Parameter

    HIBP Parameter

    Token

    API Key

HIBP Configuration

  1. Navigate to Have I Been Pwned console. On this page, you'll be prompted to enter your email address that you wish to associate with your subscription.

  2. Click Verify my email to confirm your email address.

  3. Using the link provided, you will be able to finalize your subscription and gain access to your API key shared through mail.
     

    Note:

    Save the API Key and the key will expire in 30/365 days based on the subscription. Post expiration you will have to generate them again and update API Key in DataBee data feed as well.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     A screenshot of a computer  AI-generated content may be incorrect.

  2. Search for Have I Been Pwned and click it as shown below.


    A screenshot of a computer  AI-generated content may be incorrect.

  3. Click on the API Ingest option for the collection method.
     

  4. Enter feed contact information and click Next.


  5. In the configuration page, confirm the following:

    • Authorization Method: Bearer Token

    • API Base URL: this is the base URL that DataBee will interact with.

    • Token: paste the API KEY generated earlier in the Have I Been Pwned console.

    • Event types: preselected for all the event types that integration pulls.

  6. Click Submit.

Troubleshooting Tips

  • Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence