For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • User guides
    • About the Applications API
    • Getting started
    • Authentication
    • Quick reference
  • Account Defender API
  • Bot Defender API
  • Credential Intelligence API
  • Code Defender API
    • Code Examples
  • Enforce API
  • PCI DSS API
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
On this page
  • Getting a token for the Account Defender, Bot Defender, or Credential Intelligence API
  • Getting a token for the Code Defender or PCI DSS API
  • Authenticating requests
User guides

Authentication

Was this page helpful?
Previous

Quick reference

Next
Built with

HUMAN uses API tokens to authenticate requests. To use any of our API, you must authenticate every request you make. Requests without proper authentication will fail.

Authorization for certain solutions are slightly different. Be sure you follow the correct instructions for the API you want to use.

  • Getting a token for the Account Defender, Bot Defender, or Credential Intelligence API
  • Getting a token for the Code Defender or PCI DSS API

To generate a token, you must have access to the HUMAN Console.

Tokens are confidential and gives sensitive access to your account. Be sure to store and handle your tokens securely. Do not share this key with others or store them in publicly accessible places.

Getting a token for the Account Defender, Bot Defender, or Credential Intelligence API

For Account Defender, Alerts, Bot Defender, or Credential Intelligence, HUMAN uses an application’s server token when using API calls. For more on creating and managing applications, see Setting up your application.

To create a token:

  1. From the HUMAN console, navigate to Platform Settings > Applications.
  2. Select the application you would like to identify while using API calls.
  3. Under Application settings, select Server token.
  4. If a token doesn’t already exist, select Add server token to generate a new one.
  5. Hover over the new token and select the Copy button to copy it.

You can create up to three server tokens per application at a time.

Getting a token for the Code Defender or PCI DSS API

If a token does not already exist, you may need to ask HUMAN to generate one for you. Contact us at contact-support@humansecurity.com to do so.

To access a token for the Code Defender or PCI DSS API:

  1. Navigate to Code Defender > Settings > Integrations > Integration Settings.
  2. Select CD API Integration.
  3. Copy an available token.

Tokens have an expiration date. Make sure to generate a new token before the previous one expires. If you think a token has been compromised, contact HUMAN support.

Authenticating requests

You can authenticate requests using your token with --header 'authorization: Bearer <token>'. You do not need to provide a password.

For example, to authenticate a request to get a list of custom rules:

1curl --request GET \
2     --url https://console.humansecurity.com/api/v2/botDefender/customRules \
3     --header 'accept: application/json' \
4     --header 'authorization: Bearer <token>