Skip to main content
GET
/
service
/
v2
/
breach
/
search
Search Breach Records
curl --request GET \
  --url https://oathnet.org/api/service/v2/breach/search \
  --header 'x-api-key: <api-key>'
{
  "success": true,
  "message": "<string>",
  "data": {
    "items": [
      {
        "id": "<string>",
        "email": "<string>",
        "email_domain": "<string>",
        "username": "<string>",
        "password": "<string>",
        "password_hash": "<string>",
        "salt": "<string>",
        "full_name": "<string>",
        "first_name": "<string>",
        "last_name": "<string>",
        "middle_name": "<string>",
        "display_name": "<string>",
        "phone_number": "<string>",
        "phone_national": "<string>",
        "address_street": "<string>",
        "city": "<string>",
        "state": "<string>",
        "postal_code": "<string>",
        "country": "<string>",
        "date_birth": "<string>",
        "age": 123,
        "created_at": "<string>",
        "last_login": "<string>",
        "indexed_at": "2023-11-07T05:31:56Z",
        "ip": "<string>",
        "discordid": "<string>",
        "instagram": "<string>",
        "linkedin": "<string>",
        "iban": "<string>",
        "ssn": "<string>",
        "dbname": "<string>",
        "gender": "<string>",
        "language": "<string>",
        "bio": "<string>",
        "location": "<string>",
        "extra": {}
      }
    ],
    "meta": {
      "count": 123,
      "total": 123,
      "took_ms": 123,
      "has_more": true,
      "total_pages": 123,
      "max_score": 123,
      "filter_id": "0123456789abcdef01234567"
    },
    "next_cursor": "<string>"
  }
}
The primary breach search surface for new integrations.
Prefer this endpoint over Legacy Breach Search. It supports flat filters, structured filter payloads, and filter_id contexts created by the AI filter endpoint.
Successful searches use the standard envelope with data.items, data.meta, and data.next_cursor. Use GET when normal query params are enough. Use POST to the same route when you want to send { filter, filter_id } as JSON in the request body. This is the pattern the frontend uses for complex filters. See Structured Filters for a simpler step-by-step guide with examples for flat params, POST body mode, AI filters, and query_config.

Authorizations

x-api-key
string
header
required

API key for authentication (lowercase header name)

Query Parameters

q
string
cursor
string
page_size
integer
sort
string
from
string<date-time>
to
string<date-time>
date_field
enum<string>
Available options:
indexed_at,
pwned_at
wildcard
boolean
logic
enum<string>
Available options:
and,
or
filter
string

JSON-encoded structured filter tree.

Use leaf nodes with field, operator, and value, or compound nodes with and / or. If you would rather send the filter as a real JSON object, use POST on the same /search route. See /guides/structured-filters for the full grammar, operators, limits, and examples.

filter_id
string

24-character transient filter context ID returned by POST /service/v2/ai/filter or a previous search response.

24-character transient filter context ID.

Pattern: ^[0-9a-fA-F]{24}$
Example:

"0123456789abcdef01234567"

email[]
string[]
email_domain[]
string[]
domain[]
string[]
username[]
string[]
password[]
string[]
password_hash[]
string[]
ip[]
string[]
phone[]
string[]
first_name[]
string[]
last_name[]
string[]
full_name[]
string[]
city[]
string[]
country[]
string[]
state[]
string[]
postal_code[]
string[]
dbname[]
string[]
discord_id[]
string[]
iban[]
string[]
ssn[]
string[]
date_birth_from
string
date_birth_to
string

Response

200 - application/json

Breach search response

success
boolean
message
string
data
object