For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • User guides
    • About the Applications API
    • Getting started
    • Authentication
    • Quick reference
  • Account Defender API
      • GETGet account info v1
      • GETGet account info v2
  • Bot Defender API
  • Credential Intelligence API
  • Code Defender API
    • Code Examples
  • Enforce API
  • PCI DSS API
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
Account Defender APIAccount Info

Get account info v2

GET
/v2/account_defender/account/:account_id
GET
/api/v2/account_defender/account/:account_id
$curl https://console.humansecurity.com/api/v2/account_defender/account/123456789 \
>     -H "Authorization: Bearer <token>"
1{
2  "account_id": "123456789",
3  "exists": true,
4  "is_under_attack": true,
5  "first_seen": "2023-10-06T19:52:12.132Z",
6  "last_seen": "2025-01-21T13:00:41.008Z",
7  "email": "email@email.com",
8  "registration_date": "2021-01-06T19:25:28Z",
9  "active_incidents": [
10    {
11      "attack_type": "account_takeover",
12      "event_type": "single",
13      "risk_score": 0.707,
14      "is_manually_created": false,
15      "incident_creation": "2025-01-20T14:19:49.028Z",
16      "additional": {
17        "account_age": 35394,
18        "asn": "Mobile Telecommunications Company",
19        "city": "City",
20        "country": "KCountryW",
21        "device_fingerprint": "16427277324375911310",
22        "email": "email@email.com",
23        "ip": "1.1.1.1",
24        "path": "/inbox/conversations/messages",
25        "user_agent": "Mozilla/5.0",
26        "vid": "111"
27      }
28    }
29  ],
30  "aggregative_data": {
31    "trigger_categories": [
32      "network",
33      "behavior"
34    ],
35    "sensitive_transactions": [
36      "send_message",
37      "send_attachment"
38    ]
39  }
40}

Access the attack status and risk score of an account on your application.

This updated version includes detailed information in the response. We recommend transitioning to this version from the v1.

Was this page helpful?
Previous

Delete user data

Next
Built with

Authentication

AuthorizationBearer

Bearer authentication of the form Bearer <token>, where token is your auth token.

Path parameters

account_idstringRequired
ID for an account

Query parameters

days_rangeintegerOptionalDefaults to 30
Customizes the aggregative data calculation. When provided, the following behavior applies: - The `aggregative_data` fields will be calculated based on values observed within the specified time period. - The time period is defined as the last `days_range` days from the current date. - Only data points that fall within this window will be included in the calculations.

Response

Success
account_idstring
The ID for the account.
existsboolean
Whether the specified account exists.
is_under_attackboolean

The status for the attack corresponding to the statuses displayed in the Account Defender portal. Only present if exists returns true.

true corresponds to Pending attacks. false corresponds to:

  • Resolved or Archived attacks
  • The account does not exist
  • The account exists, but is not under attack
first_seenstringformat: "YYYY-MM-DDTHH:mm:ss.sssZ"

The first time Account Defender encountered this account. Only present if exists returns true.

last_seenstringformat: "YYYY-MM-DDTHH:mm:ss.sssZ"

The last time Account Defender encountered this account. Only present if exists returns true.

emailstring

The account’s email address. Only present if exists returns true.

registration_datestringformat: "YYYY-MM-DDTHH:mm:ss.sssZ"

The date the account was created. Only present if exists returns true.

active_incidentslist of objects

An array of pending incidents on the account. Only present if is_under_attack returns true.

aggregative_dataobject

Statistical information about the account based on the supplied days_range. Only present if calculated information is available for the given days_range.

Errors

400
Bad Request Error
403
Forbidden Error

Customizes the aggregative data calculation. When provided, the following behavior applies:

  • The aggregative_data fields will be calculated based on values observed within the specified time period.
  • The time period is defined as the last days_range days from the current date.
  • Only data points that fall within this window will be included in the calculations.