Account Info API

Updated on 22 May 2024

Print
Share
Dark
Light

Article summary

Did you find this summary helpful?

Thank you for your feedback

The Account Info API lets you access the attack status and risk score of an account on your application.

Make a request

All requests must be sent over HTTPS; Requests made over HTTP will fail. In addition, each request must have the following:

A host: The Account Defender host URL is always https://console.humansecurity.com/api/v1/account_defender/.
A bearer token: You must authenticate each request with your server token. You can learn how to generate a token with our help article.
The content type: This is always application/json.

Endpoints

Method	Endpoint
GET	account/{account_id}

Parameters

Path Parameters

Path Parameter	Description
`{account_id}`	The ID for an account.

Query Parameters

Query Parameter	Required or Optional	Description	Type
`attack_types`	Optional	The type of attack(s) to check for on the account. Can be `[‘ato’, ‘fake_account’]`, `[‘ato’]`, `[‘fake_account’]`, or `[]`. If this parameter is not sent, then all available attack types on the account will be checked. The API will return a response based on your available attack types. If two `attack_types` are requested, then the API will prioritize returning a response for the attack that has a Pending status. If both are Pending, then the response will be for the attack with the higher risk score. Otherwise, the returned response will be the Resolved or Archived attack with the highest risk score. For example, if the account has a Pending attack with a risk score of 60 as well as an Archived attack with a risk score of 100, the returned response will be for the Pending attack.	Array

Sample request

curl -X GET /
    -H 'Authorization: Bearer <YOUR_TOKEN>' /
    -H 'Content-Type: application/json' /
    -url https://console.perimeterx.com/api/v1/account_defender/account/123456789?attack_types=['ato']

Sample response

{ 
    "account_id": "123456789"
    "is_under_attack": true
    "is_manually_created": true
    "risk_score": 100
}

Response definitions

Response item	Description	Type
`account_id`	The ID for the account.	String
`is_under_attack`	The status for the attack corresponding to the statuses displayed in the Account Defender portal. `true` corresponds to Pending attacks. `false` corresponds to Resolved or Archived attacks The account does not exist The account exists, but it was never under attack	Boolean
`is_manually_created`	Whether the account was manually changed to be under attack. This response is only returned if the value is `true` .	Boolean
`risk_score`	The risk score for the attack from 0-100.	Integer

Error responses

Error code	Description	Details
400	Bad request	`{ "result": false, "content": "Invalid value: attack_types.0" }`

Was this article helpful?

What's Next

Client Action APIs

Table of contents

Make a request
Endpoints
Parameters
Sample request
Sample response
Error responses