- 26 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Have I Been Pwned
- Updated on 26 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Have I Been Pwned (HIBP) API is a cybersecurity service that allows users and organizations to check whether their email addresses, usernames, or passwords have been exposed in known data breaches. For detailed information refer to the Have I Been Pwned official documentation.
Integration Method: API
Tables: Detection Finding (2004)
This integration supports the following type of events.
Event | Description |
---|---|
Detection Finding | Detect possible breaches in the account. |
This integration supports the following versions.
Have I Been Pwned API version | v3.0 |
Note:
Have I Been Pwned doesn’t follow a traditional versioning system.
Prerequisites
The user should have access to the HIBP portal with a subscription.
The user should have access to the DataBee console.
Configuration Overview
Generate an API token after logging in to Have I Been Pwned console.
Add the Have I Been Pwned data feed integration in the DataBee console with the required API token.
DataBee Parameter
HIBP Parameter
Token
HIBP Configuration
Navigate to Have I Been Pwned console. On this page, you'll be prompted to enter your email address that you wish to associate with your subscription.
Click Verify my email to confirm your email address.
Using the link provided, you will be able to finalize your subscription and gain access to your API key shared through mail.
Note:
Save the API Key and the key will expire in 30/365 days based on the subscription. Post expiration you will have to generate them again and update API Key in DataBee data feed as well.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for Have I Been Pwned and click it as shown below.
Click on the API Ingest option for the collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Bearer Token
API Base URL: this is the base URL that DataBee will interact with.
Token: paste the API KEY generated earlier in the Have I Been Pwned console.
Event types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.