diff --git a/docs/api-reference/astp/endpoints/post-credentials-search.mdx b/docs/api-reference/astp/endpoints/post-credentials-search.mdx index cb31f9c..10c31e9 100644 --- a/docs/api-reference/astp/endpoints/post-credentials-search.mdx +++ b/docs/api-reference/astp/endpoints/post-credentials-search.mdx @@ -6,6 +6,7 @@ authMethod: "bearer" import GatedAccessFeatureAstp from '/snippets/gated-access-feature-astp.mdx'; import CrendentialSearchCommon from '/snippets/credentials/astp-and-global-search-common.mdx'; +import CrendentialSearchQueryAndFilters from '/snippets/credentials/astp-and-global-search-query-and-filters.mdx'; import CrendentialSearchDescription from '/snippets/credentials/astp-and-global-search-description.mdx'; import CrendentialEndpointsNote from '/snippets/credentials/astp-and-global-search-note.mdx'; @@ -19,3 +20,12 @@ See the guide for using this endpoint: [Exporting a Domain's Credentials ](/guides/credentials-export-domain). + + + Additional fields to return. Available options: + - `known_password_id`: ID of the credential's password. + - `auth_domains`: for each credential, up to 100 hosts (domain only, e.g. `login.example.com`) where the credential was seen being used. + - `urls`: for each credential, up to 100 full URLs (including scheme and path, e.g. `https://login.example.com/signin`) where the credential was seen being used. These are the complete addresses that `auth_domains` reports the host portion of. + + + diff --git a/docs/api-reference/v4/endpoints/credentials-global-search.mdx b/docs/api-reference/v4/endpoints/credentials-global-search.mdx index bb07738..b656322 100644 --- a/docs/api-reference/v4/endpoints/credentials-global-search.mdx +++ b/docs/api-reference/v4/endpoints/credentials-global-search.mdx @@ -5,10 +5,19 @@ title: Search Credentials import CrendentialEndpointsNote from '/snippets/credentials/astp-and-global-search-note.mdx'; import CrendentialSearchCommon from '/snippets/credentials/astp-and-global-search-common.mdx'; +import CrendentialSearchQueryAndFilters from '/snippets/credentials/astp-and-global-search-query-and-filters.mdx'; import GlobalSearchApiQuotaNote from '/snippets/global-search-api-quota-note.mdx'; import CrendentialSearchDescription from '/snippets/credentials/astp-and-global-search-description.mdx'; - \ No newline at end of file + + + + Additional fields to return. Available options: + - `known_password_id`: ID of the credential's password. + - `auth_domains`: for each credential, up to 100 hosts (domain only, e.g. `login.example.com`) where the credential was seen being used. + + + \ No newline at end of file diff --git a/docs/changelog/overview.mdx b/docs/changelog/overview.mdx index fe4f1e7..1f468ac 100644 --- a/docs/changelog/overview.mdx +++ b/docs/changelog/overview.mdx @@ -12,6 +12,10 @@ This page lists changes to Flare's API. Release notes for the Flare Platform can be found on the [product documentation website](https://docs.flare.io/releases). + + Added the `urls` value to the `include` parameter in the [ASTP Search Credentials Endpoint ](/api-reference/astp/endpoints/post-credentials-search). + + The `imported_at` filter now works for all query types in the [Global Search Credentials Endpoint ](/api-reference/v4/endpoints/credentials-global-search) and the [ASTP Search Credentials Endpoint ](/api-reference/astp/endpoints/post-credentials-search). diff --git a/docs/snippets/credentials/astp-and-global-search-common.mdx b/docs/snippets/credentials/astp-and-global-search-common.mdx index f7e9afc..108cbf2 100644 --- a/docs/snippets/credentials/astp-and-global-search-common.mdx +++ b/docs/snippets/credentials/astp-and-global-search-common.mdx @@ -65,97 +65,6 @@ This endpoint supports the The `next` value from the last response. - - Additional fields to return. Available options: - - `known_password_id`: ID of the credential's password. - - `auth_domains`: for each credential, return up to 10 domains where this credential was used. - - The order in which the results will be returned. (`asc` or `desc`) - - - One of the supported queries. - - - - This query will match all credentials that contain the specified domain in the email address. - ```json - { - "type": "domain", - "fqdn": "" - } - ``` - - - - This query will match the domain of the service that this credential might have been used to log in to. - ```json - { - "type": "auth_domain", - "fqdn": "" - } - ``` - - - - This query will match all credentials that contain the specified password. - ```json - { - "type": "secret", - "secret": "" - } - ``` - - - - This query will match all credentials for the exact email address. - ```json - { - "type": "email", - "email": "" - } - ``` - - - - This query will match with the credential's username, which is the portion of the `identity_name` that preceeds `@`. - ```json - { - "type": "keyword", - "keyword": "" - } - ``` - - - - - - - - - - - Matches values greater than or equal to the specified timestamp. - - Format: ISO-8601 - - - - Matches values lesser than or equal to the specified timestamp. - - Format: ISO-8601 - - - - - diff --git a/docs/snippets/credentials/astp-and-global-search-query-and-filters.mdx b/docs/snippets/credentials/astp-and-global-search-query-and-filters.mdx new file mode 100644 index 0000000..61425fa --- /dev/null +++ b/docs/snippets/credentials/astp-and-global-search-query-and-filters.mdx @@ -0,0 +1,84 @@ + + One of the supported queries. + + + + This query will match all credentials that contain the specified domain in the email address. + ```json + { + "type": "domain", + "fqdn": "" + } + ``` + + + + This query will match the domain of the service that this credential might have been used to log in to. + ```json + { + "type": "auth_domain", + "fqdn": "" + } + ``` + + + + This query will match all credentials that contain the specified password. + ```json + { + "type": "secret", + "secret": "" + } + ``` + + + + This query will match all credentials for the exact email address. + ```json + { + "type": "email", + "email": "" + } + ``` + + + + This query will match with the credential's username, which is the portion of the `identity_name` that preceeds `@`. + ```json + { + "type": "keyword", + "keyword": "" + } + ``` + + + + + + + + + + + Matches values greater than or equal to the specified timestamp. + + Format: ISO-8601 + + + + Matches values lesser than or equal to the specified timestamp. + + Format: ISO-8601 + + + + +