Getting your API token

Depending on the solution, the method to get an API token can differ.

  • Account Defender, Bot Defender, and Credential Intelligence use an application's server token to authenticate requests.
  • Code Defender and PCI DSS use unique API tokens to authenticate requests.

For more details on generating either type of token, see Authentication.

Sending a request

All requests must be sent over HTTPS. Requests made over HTTP will fail. In addition, each request must have the following:

  • A host: Each solution's host URL is different. Be sure to check each API carefully to ensure you are using the correct one.
  • A version: A solution's API version can differ as well.
  • The content type: This is always application/json.
  • Authorization: This is always sent as authorization: Bearer <token>. You do not need to provide a password.
  • A request: When submitting data to an endpoint via POST, PATCH, or PUT, you must submit your payload in JSON.

Get a list of custom rules

The following is a sample request to the Custom rules API. In this case, we're getting a list of custom rules for the specified application, which HUMAN identifies with the server token.

curl --request GET \
     --url https://console.humansecurity.com/api/v2/botDefender/customRules \
     --header 'accept: application/json' \
     --header 'authorization: Bearer <token>'

Sample response

The Bot Defender API returns an array of custom rule objects, or an empty array if there are no custom rules.

{
  "result": true,
  "message": "success",
  "content": [
    {
      "ruleId": "aa11bb22-cc33-dd44-ee55-ff66gg77hh88",
      "priority": 0,
      "name": "Test Rule 1",
      "description": "",
      "conditions": {
        "operator": "$and",
        "children": [
          {
            "operator": "$and",
            "children": [
              {
                "operator": "$re",
                "conditionType": "userAgent",
                "value": [
                  "superbot"
                ]
              }
            ]
          }
        ]
      },
      "actions": [
        "allow"
      ],
      "status": "active"
    },
    {
      "ruleId": "aabb1122-cc33-dd44-ee55-ffgg6677hhii",
      "priority": 1,
      "name": "Test Rule 2",
      "description": "",
      "conditions": {
        "operator": "$and",
        "children": [
          {
            "operator": "$and",
            "children": [
              {
                "operator": "$in",
                "conditionType": "socketIps",
                "value": [
                  "1.1.1.1"
                ]
              }
            ]
          }
        ]
      },
      "actions": [
        "allow"
      ],
      "status": "active"
    }
  ]
}
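
When reviewing the rules this endpoint returns, it helps to flag active allow rules whose conditions all depend on values the client sets, such as the User-Agent header. The following is an added example, not HUMAN's own code: it walks the nested conditions tree from the response shape above, and the CLIENT_CONTROLLED set and the review criterion are assumptions made for illustration.

```python
import json

# Constructed sample, trimmed from the response shape shown above.
SAMPLE = json.loads("""
{"result": true, "message": "success", "content": [
  {"ruleId": "aa11bb22-cc33-dd44-ee55-ff66gg77hh88", "priority": 0, "name": "Test Rule 1",
   "conditions": {"operator": "$and", "children": [{"operator": "$and", "children": [
     {"operator": "$re", "conditionType": "userAgent", "value": ["superbot"]}]}]},
   "actions": ["allow"], "status": "active"},
  {"ruleId": "aabb1122-cc33-dd44-ee55-ffgg6677hhii", "priority": 1, "name": "Test Rule 2",
   "conditions": {"operator": "$and", "children": [{"operator": "$and", "children": [
     {"operator": "$in", "conditionType": "socketIps", "value": ["1.1.1.1"]}]}]},
   "actions": ["allow"], "status": "active"}
]}
""")

# Assumption: condition types whose value the client sets freely.
# Only "userAgent" appears on this page; extend for your own rule set.
CLIENT_CONTROLLED = {"userAgent"}


def leaves(node):
    """Yield every leaf condition (a node with a conditionType) in the tree."""
    if "conditionType" in node:
        yield node
    for child in node.get("children", []):
        yield from leaves(child)


def audit(response):
    """Return active allow rules whose every leaf is a client-controlled field."""
    if not response.get("result"):
        raise ValueError(f"API reported failure: {response.get('message')}")
    findings = []
    for rule in sorted(response.get("content", []), key=lambda r: r["priority"]):
        if rule.get("status") != "active" or "allow" not in rule.get("actions", []):
            continue
        types = {leaf["conditionType"] for leaf in leaves(rule.get("conditions", {}))}
        if types and types <= CLIENT_CONTROLLED:
            findings.append((rule["ruleId"], rule["name"], sorted(types)))
    return findings


if __name__ == "__main__":
    for rule_id, name, types in audit(SAMPLE):
        print(f"review: {name} ({rule_id}) allows on {', '.join(types)} alone")
```

Because the check requires every leaf to be client-controlled, it holds regardless of how the `$and` nodes above combine the leaves.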