For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • User guides
    • About the Applications API
    • Getting started
    • Authentication
    • Quick reference
  • Account Defender API
  • Bot Defender API
  • Credential Intelligence API
  • Code Defender API
    • Code Examples
  • Enforce API
  • PCI DSS API
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
On this page
  • Getting your API token
  • Sending a request
  • Get a list of custom rules
  • Sample response
User guides

Getting started

Was this page helpful?
Previous

Authentication

Next
Built with

Getting your API token

Depending on the solution, the method to get an API token can differ.

  • Account Defender, Alerts, Bot Defender, and Credential Intelligence use an application’s server token to authenticate requests.
  • Code Defender and PCI DSS use unique API tokens to authenticate requests.

For more details on generating either type of token, see Authentication.

Sending a request

All requests must be sent over HTTPS. Requests made over HTTP will fail. In addition, each request must have the following:

  • A host: Each solution’s host URL is different. Be sure to check each API carefully to ensure you are using the correct one.
  • A version: A solution’s API version can differ as well.
  • The content type: This is always application/json.
  • Authorization: This is always sent as authorization: Bearer <token>. You do not need to provide a password.
  • A request: When submitting data to an endpoint via POST, PATCH, or PUT, you must submit your payload in JSON.

Get a list of custom rules

The following is a sample request to the Custom rules API. In this case, we’re getting a list of custom rules for the specified application, which HUMAN identifies with the server token.

1curl --request GET \
2     --url https://console.humansecurity.com/api/v2/botDefender/customRules \
3     --header 'accept: application/json' \
4     --header 'authorization: Bearer <token>

Sample response

The Bot Defender API returns an array of custom rule objects, or an empty array if there are no custom rules.

1{
2  "result": true,
3  "message": "success",
4  "content": [
5    {
6      "ruleId": "aa11bb22-cc33-dd44-ee55-ff66gg77hh88",
7      "priority": 0,
8      "name": "Test Rule 1",
9      "description": "",
10      "conditions": {
11        "operator": "$and",
12        "children": [
13          {
14            "operator": "$and",
15            "children": [
16              {
17                "operator": "$re",
18                "conditionType": "userAgent",
19                "value": [
20                  "superbot"
21                ]
22              }
23            ]
24          }
25        ]
26      },
27      "actions": [
28        "allow"
29      ],
30      "status": "active"
31    },
32    {
33      "ruleId": "aabb1122-cc33-dd44-ee55-ffgg6677hhii",
34      "priority": 1,
35      "name": "Test Rule 2",
36      "description": "",
37      "conditions": {
38        "operator": "$and",
39        "children": [
40          {
41            "operator": "$and",
42            "children": [
43              {
44                "operator": "$in",
45                "conditionType": "socketIps",
46                "value": [
47                  "1.1.1.1"
48                ]
49              }
50            ]
51          }
52        ]
53      },
54      "actions": [
55        "allow"
56      ],
57      "status": "active"
58    }
59  ]
60}