Password AND User Exposure APIs
Using both APIs together.
🧩 CAP APIs & Deployment Options
To provide flexibility for your organization, SpyCloud offers two high-volume, performant APIs for Consumer Account Takeover Prevention that can be used together or separately.
🔐 The APIs
- Password Exposure API — Check hashes of your consumers’ passwords against all passwords in the SpyCloud database, regardless of username.
- User Exposure API — Check the SpyCloud database for breach exposure tied to your consumers’ email addresses, IP addresses, phone numbers, or usernames.
Complementary coverage: The two APIs are complementary; they can be used in separate scenarios and offer different protections. Using both APIs together provides the strongest protection against account takeover.
🧭 Using Both APIs
Recommended for most enterprises
Using both APIs together, you can protect your consumers’ credentials from the moment they create an account throughout their entire relationship with your enterprise.
How “both” typically maps to your flows
- At account creation / password change / reset: Use Password Exposure API to block exposed, commonly used passwords at the point of creation.
- At login and in batch hygiene: Use User Exposure API to identify users whose credentials have appeared in breaches and take protective action.
Updated 2 months ago