Authentication

PhishFort Client API uses API Keys to authenticate requests. API requests without authentication will fail.

Where do I get an API key?

The PhishFort team will provide you with an API key specific to your use-case (whether you're a reseller or a standalone client) at request.

How to authenticate

For every request made to the API, the x-api-key header should be set to your API key. The x-api-key header is sufficient on its own; no separate client-id header is required.

Endpoint

GET /v1/whoami

Example

cURLPythonNode.js

curl -X GET 'https://capi.phishfort.com/v1/whoami' \
  -H 'accept: application/json' \
  -H 'x-api-key: YOUR_API_KEY'

import requests

response = requests.get(
    "https://capi.phishfort.com/v1/whoami",
    headers={
        "accept": "application/json",
        "x-api-key": "YOUR_API_KEY",
    },
)
print(response.json())

const response = await fetch("https://capi.phishfort.com/v1/whoami", {
  headers: {
    accept: "application/json",
    "x-api-key": "YOUR_API_KEY",
  },
});
const data = await response.json();
console.log(data);

The above request should return details about the client represented by the API key provided:

{
    "parentClient": "bright future llc",
    "subClients": [
        { "clientName": "Asiago", "id": "123124" },
        { "clientName": "MonteBank", "id": "321452" }
    ]
}