Have I Been Pwned (Independent Publisher) (Preview)

Check if your email or phone is in a data breach.

This connector is available in the following products and regions:

Service Class Regions
Logic Apps Standard All Logic Apps regions except the following:
     -   Azure Government regions
     -   Azure China regions
     -   US Department of Defense (DoD)
Power Automate Premium All Power Automate regions except the following:
     -   US Government (GCC)
     -   US Government (GCC High)
     -   China Cloud operated by 21Vianet
     -   US Department of Defense (DoD)
Power Apps Premium All Power Apps regions except the following:
     -   US Government (GCC)
     -   US Government (GCC High)
     -   China Cloud operated by 21Vianet
     -   US Department of Defense (DoD)
Contact
Name Troy Taylor
URL https://www.hitachisolutions.com
Email ttaylor@hitachisolutions.com
Connector Metadata
Publisher Troy Taylor
Website https://haveibeenpwned.com/
Privacy policy https://haveibeenpwned.com/Privacy
Categories Security

Creating a connection

The connector supports the following authentication types:

Default Parameters for creating connection. All regions Not shareable

Default

Applicable: All regions

Parameters for creating connection.

This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.

Name Type Description Required
hibp-api-key securestring The hibp-api-key for this api True

Throttling Limits

Name Calls Renewal Period
API calls per connection10060 seconds

Actions

Getting a single breached site

Sometimes just a single breach is required and this can be retrieved by the breach name. This is the stable value which may or may not be the same as the breach title (which can change).

Getting all breached sites in the system

A breach is an instance of a system having been compromised by an attacker and the data disclosed.

Getting all breaches for an account

The most common use of the API is to return a list of all breaches a particular account has been involved in. The API takes a single parameter which is the account to be searched for. The account is not case sensitive and will be trimmed of leading or trailing white spaces.

Getting all data classes in the system

A "data class" is an attribute of a record compromised in a breach. For example, many breaches expose data classes such as "Email addresses" and "Passwords". The values returned by this service are ordered alphabetically in a string array and will expand over time as new breaches expose previously unseen classes of data.

Getting all pastes for an account

This action takes a single parameter which is the email address to be searched for. The email is not case sensitive and will be trimmed of leading or trailing white spaces.

Getting a single breached site

Sometimes just a single breach is required and this can be retrieved by the breach name. This is the stable value which may or may not be the same as the breach title (which can change).

Parameters

Name Key Required Type Description
Name
name True string

A Pascal-cased name representing the breach which is unique across all other breaches.

Returns

Name Path Type Description
Name
Name string

The name.

Title
Title string

The title.

Domain
Domain string

The domain.

BreachDate
BreachDate string

The date of breach.

AddedDate
AddedDate string

The date added.

ModifiedDate
ModifiedDate string

The date, if any, modified.

PwnCount
PwnCount integer

The pwned count.

Description
Description string

The description.

LogoPath
LogoPath string

The path to the logo.

DataClasses
DataClasses array of string

The attribute of a record compromised in a breach.

IsVerified
IsVerified boolean

Whether is verified.

IsFabricated
IsFabricated boolean

Whether is fabricated.

IsSensitive
IsSensitive boolean

Whether is sensitive.

IsRetired
IsRetired boolean

Whether is retired.

IsSpamList
IsSpamList boolean

Whether is on spam list.

IsMalware
IsMalware boolean

Whether is malware.

Getting all breached sites in the system

A breach is an instance of a system having been compromised by an attacker and the data disclosed.

Returns

Name Path Type Description
array of object
Name
Name string

The name.

Title
Title string

The title.

Domain
Domain string

The domain.

BreachDate
BreachDate string

The date of the breach.

AddedDate
AddedDate string

The date added.

ModifiedDate
ModifiedDate string

The date, if any, modified.

PwnCount
PwnCount integer

The count pwned.

Description
Description string

The description.

LogoPath
LogoPath string

The path of the logo.

DataClasses
DataClasses array of string

The attribute of a record compromised in a breach.

IsVerified
IsVerified boolean

Whether it is verified.

IsFabricated
IsFabricated boolean

Whether is fabricated.

IsSensitive
IsSensitive boolean

Whether is sensitive.

IsRetired
IsRetired boolean

Whether is retired.

IsSpamList
IsSpamList boolean

Whether is on spam list.

IsMalware
IsMalware boolean

Whether is malware.

Getting all breaches for an account

The most common use of the API is to return a list of all breaches a particular account has been involved in. The API takes a single parameter which is the account to be searched for. The account is not case sensitive and will be trimmed of leading or trailing white spaces.

Parameters

Name Key Required Type Description
Account
account True string

The account.

Truncate Response
truncateResponse boolean

Whether to return the full breach model.

Domain
domain string

Filters the result set to only breaches against the domain specified.

Include Unverified
includeUnverified boolean

Returns breaches that have been flagged as unverified. By default, both verified and unverified breaches are returned when performing a search.

Returns

Name Path Type Description
array of object
Name
Name string

The name.

Title
Title string

The title.

Domain
Domain string

The domain.

BreachDate
BreachDate string

The date of the breach.

AddedDate
AddedDate string

The date added.

ModifiedDate
ModifiedDate string

The date, if any, modified.

PwnCount
PwnCount integer

The count pwned.

Description
Description string

The description.

LogoPath
LogoPath string

The path of the logo.

DataClasses
DataClasses array of string

The attribute of a record compromised in a breach.

IsVerified
IsVerified boolean

Whether it is verified.

IsFabricated
IsFabricated boolean

Whether it is fabricated.

IsSensitive
IsSensitive boolean

Whether is sensitive.

IsRetired
IsRetired boolean

Whether is retired.

IsSpamList
IsSpamList boolean

Whether is on spam list.

IsMalware
IsMalware boolean

Whether is malware.

Getting all data classes in the system

A "data class" is an attribute of a record compromised in a breach. For example, many breaches expose data classes such as "Email addresses" and "Passwords". The values returned by this service are ordered alphabetically in a string array and will expand over time as new breaches expose previously unseen classes of data.

Returns

Name Path Type Description
array of string

Getting all pastes for an account

This action takes a single parameter which is the email address to be searched for. The email is not case sensitive and will be trimmed of leading or trailing white spaces.

Parameters

Name Key Required Type Description
Account
account True string

The account.

Returns

Name Path Type Description
array of object
Source
Source string

The source.

ID
Id string

The identifier.

Title
Title string

The title.

Date
Date string

The date.

EmailCount
EmailCount integer

The email count.