Have I Been Pwned (Independent Publisher) (Preview)
Check if your email or phone is in a data breach.
This connector is available in the following products and regions:
| Service | Class | Regions |
|---|---|---|
| Logic Apps | Standard | All Logic Apps regions except the following: - Azure Government regions - Azure China regions - US Department of Defense (DoD) |
| Power Automate | Premium | All Power Automate regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
| Power Apps | Premium | All Power Apps regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
| Contact | |
|---|---|
| Name | Troy Taylor |
| URL | https://www.hitachisolutions.com |
| ttaylor@hitachisolutions.com |
| Connector Metadata | |
|---|---|
| Publisher | Troy Taylor |
| Website | https://haveibeenpwned.com/ |
| Privacy policy | https://haveibeenpwned.com/Privacy |
| Categories | Security |
Creating a connection
The connector supports the following authentication types:
| Default | Parameters for creating connection. | All regions | Not shareable |
Default
Applicable: All regions
Parameters for creating connection.
This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.
| Name | Type | Description | Required |
|---|---|---|---|
| hibp-api-key | securestring | The hibp-api-key for this api | True |
Throttling Limits
| Name | Calls | Renewal Period |
|---|---|---|
| API calls per connection | 100 | 60 seconds |
Actions
| Getting a single breached site |
Sometimes just a single breach is required and this can be retrieved by the breach name. This is the stable value which may or may not be the same as the breach title (which can change). |
| Getting all breached sites in the system |
A breach is an instance of a system having been compromised by an attacker and the data disclosed. |
| Getting all breaches for an account |
The most common use of the API is to return a list of all breaches a particular account has been involved in. The API takes a single parameter which is the account to be searched for. The account is not case sensitive and will be trimmed of leading or trailing white spaces. |
| Getting all data classes in the system |
A "data class" is an attribute of a record compromised in a breach. For example, many breaches expose data classes such as "Email addresses" and "Passwords". The values returned by this service are ordered alphabetically in a string array and will expand over time as new breaches expose previously unseen classes of data. |
| Getting all pastes for an account |
This action takes a single parameter which is the email address to be searched for. The email is not case sensitive and will be trimmed of leading or trailing white spaces. |
Getting a single breached site
Sometimes just a single breach is required and this can be retrieved by the breach name. This is the stable value which may or may not be the same as the breach title (which can change).
Parameters
| Name | Key | Required | Type | Description |
|---|---|---|---|---|
|
Name
|
name | True | string |
A Pascal-cased name representing the breach which is unique across all other breaches. |
Returns
| Name | Path | Type | Description |
|---|---|---|---|
|
Name
|
Name | string |
The name. |
|
Title
|
Title | string |
The title. |
|
Domain
|
Domain | string |
The domain. |
|
BreachDate
|
BreachDate | string |
The date of breach. |
|
AddedDate
|
AddedDate | string |
The date added. |
|
ModifiedDate
|
ModifiedDate | string |
The date, if any, modified. |
|
PwnCount
|
PwnCount | integer |
The pwned count. |
|
Description
|
Description | string |
The description. |
|
LogoPath
|
LogoPath | string |
The path to the logo. |
|
DataClasses
|
DataClasses | array of string |
The attribute of a record compromised in a breach. |
|
IsVerified
|
IsVerified | boolean |
Whether is verified. |
|
IsFabricated
|
IsFabricated | boolean |
Whether is fabricated. |
|
IsSensitive
|
IsSensitive | boolean |
Whether is sensitive. |
|
IsRetired
|
IsRetired | boolean |
Whether is retired. |
|
IsSpamList
|
IsSpamList | boolean |
Whether is on spam list. |
|
IsMalware
|
IsMalware | boolean |
Whether is malware. |
Getting all breached sites in the system
A breach is an instance of a system having been compromised by an attacker and the data disclosed.
Returns
| Name | Path | Type | Description |
|---|---|---|---|
|
|
array of object | ||
|
Name
|
Name | string |
The name. |
|
Title
|
Title | string |
The title. |
|
Domain
|
Domain | string |
The domain. |
|
BreachDate
|
BreachDate | string |
The date of the breach. |
|
AddedDate
|
AddedDate | string |
The date added. |
|
ModifiedDate
|
ModifiedDate | string |
The date, if any, modified. |
|
PwnCount
|
PwnCount | integer |
The count pwned. |
|
Description
|
Description | string |
The description. |
|
LogoPath
|
LogoPath | string |
The path of the logo. |
|
DataClasses
|
DataClasses | array of string |
The attribute of a record compromised in a breach. |
|
IsVerified
|
IsVerified | boolean |
Whether it is verified. |
|
IsFabricated
|
IsFabricated | boolean |
Whether is fabricated. |
|
IsSensitive
|
IsSensitive | boolean |
Whether is sensitive. |
|
IsRetired
|
IsRetired | boolean |
Whether is retired. |
|
IsSpamList
|
IsSpamList | boolean |
Whether is on spam list. |
|
IsMalware
|
IsMalware | boolean |
Whether is malware. |
Getting all breaches for an account
The most common use of the API is to return a list of all breaches a particular account has been involved in. The API takes a single parameter which is the account to be searched for. The account is not case sensitive and will be trimmed of leading or trailing white spaces.
Parameters
| Name | Key | Required | Type | Description |
|---|---|---|---|---|
|
Account
|
account | True | string |
The account. |
|
Truncate Response
|
truncateResponse | boolean |
Whether to return the full breach model. |
|
|
Domain
|
domain | string |
Filters the result set to only breaches against the domain specified. |
|
|
Include Unverified
|
includeUnverified | boolean |
Returns breaches that have been flagged as unverified. By default, both verified and unverified breaches are returned when performing a search. |
Returns
| Name | Path | Type | Description |
|---|---|---|---|
|
|
array of object | ||
|
Name
|
Name | string |
The name. |
|
Title
|
Title | string |
The title. |
|
Domain
|
Domain | string |
The domain. |
|
BreachDate
|
BreachDate | string |
The date of the breach. |
|
AddedDate
|
AddedDate | string |
The date added. |
|
ModifiedDate
|
ModifiedDate | string |
The date, if any, modified. |
|
PwnCount
|
PwnCount | integer |
The count pwned. |
|
Description
|
Description | string |
The description. |
|
LogoPath
|
LogoPath | string |
The path of the logo. |
|
DataClasses
|
DataClasses | array of string |
The attribute of a record compromised in a breach. |
|
IsVerified
|
IsVerified | boolean |
Whether it is verified. |
|
IsFabricated
|
IsFabricated | boolean |
Whether it is fabricated. |
|
IsSensitive
|
IsSensitive | boolean |
Whether is sensitive. |
|
IsRetired
|
IsRetired | boolean |
Whether is retired. |
|
IsSpamList
|
IsSpamList | boolean |
Whether is on spam list. |
|
IsMalware
|
IsMalware | boolean |
Whether is malware. |
Getting all data classes in the system
A "data class" is an attribute of a record compromised in a breach. For example, many breaches expose data classes such as "Email addresses" and "Passwords". The values returned by this service are ordered alphabetically in a string array and will expand over time as new breaches expose previously unseen classes of data.
Returns
| Name | Path | Type | Description |
|---|---|---|---|
|
|
array of string |
Getting all pastes for an account
This action takes a single parameter which is the email address to be searched for. The email is not case sensitive and will be trimmed of leading or trailing white spaces.
Parameters
| Name | Key | Required | Type | Description |
|---|---|---|---|---|
|
Account
|
account | True | string |
The account. |
Returns
| Name | Path | Type | Description |
|---|---|---|---|
|
|
array of object | ||
|
Source
|
Source | string |
The source. |
|
ID
|
Id | string |
The identifier. |
|
Title
|
Title | string |
The title. |
|
Date
|
Date | string |
The date. |
|
EmailCount
|
EmailCount | integer |
The email count. |