API overview
The SquareBreach app is itself the reference UI for our REST API. Every search you run in the dashboard is a call to a documented endpoint, billed at 1 credit per fresh request.
Programmatic API keys are in private beta. Email api@squarebreach.comif you’d like access; in the meantime your /app/settings/api page shows the current rollout status.
Base URL
https://api.squarebreach.com/v1
Authentication
Send your API key in the Authorization header:
Authorization: Bearer sb_live_••••••••••••••••
Test-mode keys (sb_test_…) hit a sandbox dataset and do not consume credits.
Endpoints
| Method | Path | Purpose |
|---|---|---|
GET | /breach/search | Search breach data by email, username or password. |
GET | /stealer/search | Query infostealer logs by domain or credential. |
GET | /victims | List or fetch a single victim profile. |
GET | /files/search | Full-text search across exfiltrated files. |
POST | /exports | Create an async export job. |
GET | /osint/{provider} | OSINT lookup against a provider (Discord, Steam, etc.). |
GET | /credits | Current credit balance and recent ledger entries. |
Standard response envelope
{
"success": true,
"data": { /* endpoint-specific */ },
"meta": {
"cache": "hit" | "miss",
"credits_charged": 0 | 1,
"request_id": "req_••••••••"
}
}Error envelope
See errors for the full catalogue.
Webhooks
Server-to-server webhooks (export completion, low-credit alerts) are scheduled with the v1 API key launch. Add a webhook endpoint from Settings → API as soon as access is granted.