API stands for Application Programming Interface, a software intermediary that allows two applications to talk to each other. In other words, an API is a messenger that delivers your request to the provider you’re requesting it from and delivers the response back to you.
Accessing account API properties
Please make sure that you are logged in with your account before attempting to access your account properties page.
In the browser’s address bar, you’ll need to enter the following URL to access your account properties page: https://securitytrails.com/app/account/
You can also access the account properties page by clicking on the “Account” button in the top right corner of the SecurityTrails.com homepage.
Following the instructions above will lead you to the account properties Home page. To access your account’s API properties, refer to the menu list on the left-hand side as shown:
Let’s explore each API tab to learn more.
Docs And Examples
This first tab in the API list is accessible by clicking on its name, as shown in the image below.
Here you’ll find useful links and instructions on where to find our API documentation, how to view or change API keys and try some of our API endpoints.
There is also a simple query example in cURL that you can run from your computer’s command line to make sure everything is working as expected.
Following the Docs And Examples tab is the API Keys tab, which you can access as per the instructions below:
This feature lets you manage your API keys, including adding them, removing them, and restricting access to each of them individually by IP address. You are given one API key by default once you have successfully registered your account on SecurityTrails.com. You’ll find that key here, as shown in the image below, under the API Keys tab.
Along with the actual API key, you can also see additional information including the date a specific API was created and notes on that key (if we provided any upon its creation). You can copy any of the API keys by clicking on the little double-page icon next to the key. The red button with the white recycle bin will remove that API key from your account.
To create a new API key, press the “Create New API Key” button in the upper right corner of the tab.
A new pop-up window will then appear requiring you to provide a note, as a reminder of what you are going to use that API key for. For this example, we’re naming our next API key “Second key”, and pressing the “Create New API Key” button in the lower right corner to finish.
If the above steps have been followed correctly, you should see the new API key listed with your note.
Deleting any API key will also result in the deletion of the rules for that key! This is explained in the following paragraph.
Access Restrictions is the second tab in our Key Management feature, located next to the already-opened API Keys tab in the upper left corner.
You can access API keys from any IP address you happen to be connecting to from our account. To prevent that, you’ll need to press the “Switch to Deny All” button in the Access Restrictions tab.
Please be advised that doing this might break your application and/or service access to our API endpoints. You should add the IP addresses of your applications and/or services that are dependent on our API endpoints here if you do not wish to break their functionality!
Because you have disabled access to external IPs from using our API keys, your next step is to create a new rule. Click on the “Create New Rule” button on the right and a new pop-up window will appear.
The first option in this pop-up window is to select which API keys you wish to create a rule for (the default option is to apply the rule for all keys). In the example above, we have selected our second key. In the next field, you’ll need to specify which IP address is allowed to access the API key that was selected in the field above. The last field is optional, in which you can add a note to help our team understand why this rule was applied. After providing all the necessary information, you can click on the “Create New Rule” button in the lower right corner to finish setting up the rule.
The new rule is now included in the Access Restrictions tab. From there you can only delete it by clicking on the red icon with the white recycle bin, as there is no option to edit rules.
Quota is the third tab on our API list, accessible as per the image below.
In this tab, you’ll see additional pieces of information about API query usage, limits, and types. If you ever run out of credits, you can simply upgrade your plan by clicking on the “Upgrade Now” button in the lower right corner of the Quota feature.
This will display the Upgrade Subscription window, where you can select your desired plan by clicking on the appropriate Select button.
Once your subscription is upgraded, you’ll be able to uncap your quota and take it to the next level.
API Usage Stats
This tab on our API list features the most comprehensive dashboard of them all, and is highly useful in keeping track of when, what, and how many queries and API endpoints have been used in the past. You can navigate to it as per the image below.
The first widget in this feature is API Requests Volume, presented in graph form to show API usage on a daily or monthly basis. This graph indicates daily usage by default, but in the image below we have chosen to view usage on a monthly basis. Hovering over any blue dot reveals how many queries you have used in that particular month. And clicking on the dot will redirect you to the last tab on the API list, the API Usage Log.
Below this graph is the Usage by Month table, showing the number of queries used in each relevant month. As with the previous graph, you can also click on any given month for detailed information about usage stored in the last tab, the API Usage Log.
Endpoint Accessed presents a list of all API endpoints that have been accessed in the last 30 days, along with the number of requests initiated to each.
The last widget in this tab is Recent Activity, presented in table form with the following columns:
- Endpoint provides the actual name of the API endpoint used
- Path describes how to invoke the API URL that will provide the information
- IP indicates the IP address from which the API request originated
- The Time column indicates when the request was initiated
- The Status column reveals whether or not the request was successful, by the code returned (200 if successful)
Clicking on the “More Details” button in the lower right corner will send you to the API Usage Log, accessible as per the image below:
This feature also provides results in table form, divided into the following columns:
- Date/time indicates when that API request was sent
- IP indicates the IP address from which that API request was sent
- The Key column shows which API key was used in that request
- The Endpoint column identifies by name the endpoint used in that particular request
- Path describes how to invoke the API URL that provides the information
- Params identifies parameters used with that API request
- The Status column indicates whether or not the request was successful, by the code returned (200 if successful)
Above the results table are additional options you can utilize to observe usage patterns. In the top left corner is a search box where you can input a keyword to see if it has been used in past API requests. Next to that is a date filter where you can specify a time frame for API requests and usage.
For the example above, we looked up “google” as our keyword and specified November as our time frame. The resulting information displayed matches all of our search criteria.