Getting started | HUMAN Documentation

Getting your API token

Depending on the solution, the method to get an API token can differ.

Account Defender, Alerts, Bot Defender, and Credential Intelligence use an application’s server token to authenticate requests.
Code Defender and PCI DSS use unique API tokens to authenticate requests.

For more details on generating either type of token, see Authentication.

Sending a request

All requests must be sent over HTTPS. Requests made over HTTP will fail. In addition, each request must have the following:

A host: Each solution’s host URL is different. Be sure to check each API carefully to ensure you are using the correct one.
A version: A solution’s API version can differ as well.
The content type: This is always application/json.
Authorization: This is always sent as authorization: Bearer <token>. You do not need to provide a password.
A request: When submitting data to an endpoint via POST, PATCH, or PUT, you must submit your payload in JSON.

Get a list of custom rules

The following is a sample request to the Custom rules API. In this case, we’re getting a list of custom rules for the specified application, which HUMAN identifies with the server token.

1 curl --request GET \
2      --url https://console.humansecurity.com/api/v2/botDefender/customRules \
3      --header 'accept: application/json' \
4      --header 'authorization: Bearer <token>

Sample response

The Bot Defender API returns an array of custom rule objects, or an empty array if there are no custom rules.

1 {
2   "result": true,
3   "message": "success",
4   "content": [
5     {
6       "ruleId": "aa11bb22-cc33-dd44-ee55-ff66gg77hh88",
7       "priority": 0,
8       "name": "Test Rule 1",
9       "description": "",
10       "conditions": {
11         "operator": "$and",
12         "children": [
13           {
14             "operator": "$and",
15             "children": [
16               {
17                 "operator": "$re",
18                 "conditionType": "userAgent",
19                 "value": [
20                   "superbot"
21                 ]
22               }
23             ]
24           }
25         ]
26       },
27       "actions": [
28         "allow"
29       ],
30       "status": "active"
31     },
32     {
33       "ruleId": "aabb1122-cc33-dd44-ee55-ffgg6677hhii",
34       "priority": 1,
35       "name": "Test Rule 2",
36       "description": "",
37       "conditions": {
38         "operator": "$and",
39         "children": [
40           {
41             "operator": "$and",
42             "children": [
43               {
44                 "operator": "$in",
45                 "conditionType": "socketIps",
46                 "value": [
47                   "1.1.1.1"
48                 ]
49               }
50             ]
51           }
52         ]
53       },
54       "actions": [
55         "allow"
56       ],
57       "status": "active"
58     }
59   ]
60 }