User Exposure API ONLY
For SpyCloud Consumer ATO Prevention.
🕵️♂️ User Exposure API — Overview
Identify vulnerable accounts by checking for breach exposure tied to your consumers’ email addresses, IP addresses, phone numbers, or usernames.
💡 Why to use it
The User Exposure API helps you identify breach exposures tied to your consumers so you can reset compromised passwords, protect vulnerable accounts, and prevent fraudulent activity.
✅ What It Can Do
- Identify vulnerable accounts by checking for breach exposure tied to email addresses, IP addresses, phone numbers, or usernames.
- Return all breach records that match the submitted identifier, enabling targeted remediation.
⚙️ How It Works
Your application submits an identifier to SpyCloud: an email address, IP address, phone number, or username. SpyCloud returns all breach records that match that identifier.
🧭 When to use it
Enterprises typically use the User Exposure API at two points:
- Login — Check credentials in real time as users log into your application, in parallel with a step-up authentication procedure for high-risk actions.
- At Rest (Batch Mode) — Check your entire database of credentials on a frequent basis to detect new exposures, whether or not your users have been active during that time.
Updated 2 months ago