Skip to main content
GET
/
service
/
v2
/
breach
/
search
Search Breach Records
curl --request GET \
  --url https://oathnet.org/api/service/v2/breach/search \
  --header 'x-api-key: <api-key>'
{
  "success": true,
  "message": "<string>",
  "data": {
    "items": [
      {
        "id": "<string>",
        "email": "<string>",
        "email_domain": "<string>",
        "username": "<string>",
        "password": "<string>",
        "password_hash": "<string>",
        "salt": "<string>",
        "full_name": "<string>",
        "first_name": "<string>",
        "last_name": "<string>",
        "middle_name": "<string>",
        "display_name": "<string>",
        "phone_number": "<string>",
        "phone_national": "<string>",
        "address_street": "<string>",
        "city": "<string>",
        "state": "<string>",
        "postal_code": "<string>",
        "country": "<string>",
        "date_birth": "<string>",
        "age": 123,
        "created_at": "<string>",
        "last_login": "<string>",
        "indexed_at": "2023-11-07T05:31:56Z",
        "ip": "<string>",
        "discordid": "<string>",
        "instagram": "<string>",
        "linkedin": "<string>",
        "iban": "<string>",
        "ssn": "<string>",
        "dbname": "<string>",
        "gender": "<string>",
        "language": "<string>",
        "bio": "<string>",
        "location": "<string>",
        "extra": {}
      }
    ],
    "meta": {
      "count": 123,
      "total": 123,
      "took_ms": 123,
      "has_more": true,
      "total_pages": 123,
      "max_score": 123,
      "filter_id": "0123456789abcdef01234567"
    },
    "next_cursor": "<string>"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.oathnet.org/llms.txt

Use this file to discover all available pages before exploring further.

The primary breach search surface for new integrations.
Prefer this endpoint over Legacy Breach Search. It supports flat filters, structured filter payloads, and filter_id contexts created by the AI filter endpoint.
Successful searches use the standard envelope with data.items, data.meta, and data.next_cursor. Use GET when normal query params are enough. Use POST to the same route when you want to send { filter, filter_id } as JSON in the request body. This is the pattern the frontend uses for complex filters. See Structured Filters for a simpler step-by-step guide with examples for flat params, POST body mode, AI filters, and query_config.

Authorizations

x-api-key
string
header
required

API key for authentication (lowercase header name)

Query Parameters

q
string
cursor
string
page_size
integer
sort
string
from
string<date-time>
to
string<date-time>
date_field
enum<string>
Available options:
indexed_at,
pwned_at
wildcard
boolean
logic
enum<string>
Available options:
and,
or
filter
string

JSON-encoded structured filter tree.

Use leaf nodes with field, operator, and value, or compound nodes with and / or. If you would rather send the filter as a real JSON object, use POST on the same /search route. See /guides/structured-filters for the full grammar, operators, limits, and examples.

filter_id
string

24-character transient filter context ID returned by POST /service/v2/ai/filter or a previous search response.

24-character transient filter context ID.

Pattern: ^[0-9a-fA-F]{24}$
Example:

"0123456789abcdef01234567"

email[]
string[]
email_domain[]
string[]
domain[]
string[]
username[]
string[]
password[]
string[]
password_hash[]
string[]
ip[]
string[]
phone[]
string[]
first_name[]
string[]
last_name[]
string[]
full_name[]
string[]
city[]
string[]
country[]
string[]
state[]
string[]
postal_code[]
string[]
dbname[]
string[]
discord_id[]
string[]
iban[]
string[]
ssn[]
string[]
date_birth_from
string
date_birth_to
string

Response

200 - application/json

Breach search response

success
boolean
message
string
data
object