Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.oathnet.org/llms.txt

Use this file to discover all available pages before exploring further.

Base URL

All API requests are made to: 
https://oathnet.org/api

Authentication

Every request requires an API key in the x-api-key header: 
curl -H "x-api-key: YOUR_API_KEY" https://oathnet.org/api/service/v2/breach/search?q=test@example.com

Get Your API Key

Generate an API key from your dashboard

API Families

  • /service/* Legacy search-session, legacy search, and OSINT endpoints.
  • /service/v2/* Current search, victims, file search, exports, bulk search, autocomplete, AI filter, analytics, and health endpoints.
  • /scanners/* Automated monitoring and notification management for stealer and breach scanners.
Prefer /service/v2/* and /scanners/* for new integrations unless you specifically need a legacy endpoint for compatibility.

Interactive Playground

Each endpoint page includes an interactive playground where you can test requests directly in your browser.
1

Enter Your API Key

Click the “Authorization” section in the playground and enter your API key
2

Set Parameters

Fill in the required parameters for the endpoint
3

Send Request

Click “Send” to execute the request and inspect the live response
Your API key is stored locally in your browser and is only sent directly to the API server.

Success Response Patterns

OathNet no longer has one universal success shape. There are three main patterns:
PatternCommon endpointsNotes
Envelope JSONLegacy search and OSINT endpoints, v2/stealer/search, v2/breach/search, v2/victims/search, v2/stealer/subdomain, v2/analytics/stats, v2/bulk-search createSuccessful responses include success, message, and data
Raw JSONv2/health, v2/breach/autocomplete*, v2/ai/filter*, v2/file-search*, v2/exports*, v2/bulk-search list and status, v2/victims/{log_id}, most scanner endpointsSuccessful responses rely on HTTP status and the payload body directly
File or text streamVictim file downloads, victim archive downloads, export downloads, bulk-search downloadsThe body is text or binary, not JSON

Envelope Example

{
  "success": true,
  "message": "Request completed successfully",
  "data": {
    "items": [],
    "meta": {
      "count": 0,
      "total": 0,
      "took_ms": 4,
      "has_more": false,
      "total_pages": 0
    }
  }
}

Raw JSON Example

{
  "job_id": "exp_123",
  "status": "running",
  "created_at": "2026-04-18T12:00:00Z",
  "progress": {
    "records_done": 150,
    "records_total": 1000,
    "bytes_done": 32768,
    "percent": 15,
    "updated_at": "2026-04-18T12:00:05Z"
  }
}

Error Handling

Backend-generated errors are generally normalized into the standard error envelope, even for endpoints whose successful responses are raw JSON or file streams. See Error Handling for implementation guidance.

Structured Filter System

The current search stack has one shared filter grammar across V2 search, AI filter output, exports, bulk search, and scanners.
  • use filter for explicit JSON filter trees
  • use filter_id to replay a stored AI or prior-search context
  • combine flat filters with structured filters when needed
See Structured Filters for the full grammar, operator matrix, merge order, and scanner/export reuse rules.

Endpoints by Category

Search & Filters

EndpointDescription
POST /service/search/initInitialize a search session
GET /service/search-breachLegacy breach search
GET /service/search-stealerLegacy stealer search
GET /service/v2/stealer/searchCurrent stealer search surface
GET /service/v2/breach/searchCurrent breach search surface
GET /service/v2/stealer/subdomainExtract subdomains from stealer data
GET /service/v2/breach/autocompleteField value autocomplete for breach search
GET /service/v2/breach/autocomplete/dbnamesBreach source autocomplete with field coverage
GET /service/v2/breach/autocomplete/fieldsDiscover dbnames for a specific breach field
POST /service/v2/ai/filterTurn natural language into a structured filter
GET /service/v2/ai/filter/Fetch a stored AI filter context

Victims & Files

EndpointDescription
GET /service/v2/victims/searchSearch victim profiles
GET /service/v2/victims/Get victim manifest
GET /service/v2/victims//files/Get file content
GET /service/v2/victims//archiveDownload victim archive
POST /service/v2/file-searchCreate file search job
GET /service/v2/file-search/Get file search status

Bulk Search & Exports

EndpointDescription
POST /service/v2/bulk-searchStart a bulk search job
GET /service/v2/bulk-search/listList bulk search jobs
GET /service/v2/bulk-search/Get bulk search status
GET /service/v2/bulk-search//downloadDownload bulk search output
POST /service/v2/exportsCreate export job
GET /service/v2/exports/listList export jobs
GET /service/v2/exports/Get export status
GET /service/v2/exports//downloadDownload export file

Platform & Monitoring

EndpointDescription
GET /service/v2/analytics/statsPublic analytics summary
GET /service/v2/healthService dependency health
GET /scanners/quotaGet scanner quota
GET /scannersList scanners
POST /scanners/createCreate a scanner
POST /scanners/test-deliveryTest a draft scanner delivery

Discord OSINT

EndpointDescription
GET /service/discord-userinfoDiscord user profile
GET /service/discord-username-historyDiscord username history
GET /service/discord-to-robloxDiscord to Roblox mapping

Gaming OSINT

EndpointDescription
GET /service/steamSteam profile lookup
GET /service/xboxXbox profile lookup
GET /service/roblox-userinfoRoblox user info
GET /service/mc-historyMinecraft username history

Network & Email OSINT

EndpointDescription
GET /service/ip-infoIP geolocation lookup
GET /service/holeheEmail account check
GET /service/ghuntGoogle account OSINT
GET /service/extract-subdomainLegacy subdomain extraction

Utility

EndpointDescription
GET /service/dbname-autocompleteLegacy database name autocomplete

Quotas & Plans

Lookup billing and feature access vary by endpoint family. Search, file search, exports, bulk search, archive downloads, AI filter creation, and scanner quotas all depend on plan features. See Rate Limiting and Scanners for the current customer-facing behavior.

OpenAPI Specification

Download our complete OpenAPI 3.1.0 specification:

Download OpenAPI Spec

Get the full API specification in YAML format