Most interactions with the AbuseHQ platform are also available as a RESTful API call. You can look up a customer, query for a list of cases, trigger a transition on a case, maintain network tags, and many more.
API interactions happen through our RESTful API interface. Full documentation for the endpoints can be found in each AbuseHQ instance, at https://example.abusehq.net/api/v1/docs/ .
Set up API Authentication credentials
With a few exceptions, all API calls have to be authenticated. The recommended way to authenticate with AbuseHQ for RESTful API calls is using the per-account API Key.
Each AbuseHQ user account has its own generated API Key. For systems that operate independently of logged-in (“human”) user accounts, we recommend creating an API-only user:
The associated e-mail address will receive a welcome e-mail with a generated API Key.
Use your API Key in API Calls
AbuseHQ expects this API Key to be used in the X-API-KEY HTTP header on every request. The API Key should be joined with the username and hashed before being added to the header.
The following python snippet illustrates how to generate a correct API Key header:
import hmac
from hashlib import sha1
api_user = 'apiuser' api_private_key = 'ca6ad8d4792181602e99755a09ee44365e315a46' api_public_key = hmac.new(api_private_key, api_user, sha1).hexdigest() header = 'X-API-KEY: ' + api_user + ':' + api_public_key print header
Include the API Key for an appropriate user on every request will properly associate interactions with AbuseHQ with that user.