Authenticating Requests
Authentication Overview
Domain Trust uses API key authentication to secure all API requests. Include your API key in the Authorization header of every request:
Authorization: Bearer YOUR_API_KEY
Obtaining an API Key
You can obtain an API key through one of the following methods:
- Self-service: Authenticate via the
/api/auth/loginendpoint using your email and password credentials - Domain Trust UI: Request an API key from the Domain Trust UI
📄️ Get your API Keys
Get your API keys and learn about authentication
Making Your First Request
Verify your authentication setup by retrieving the API version:
curl -H "Authorization: Bearer $AUTH_TOKEN" \
https://domain-trust.globalcyberalliance.org/api/version
Response:
{
"version": "2.0.6"
}
Submitting Domains
Submit one or more domains for analysis using a POST request to /api/domains:
curl -X POST "https://domain-trust.globalcyberalliance.org/api/domains" \
-H "Authorization: Bearer $AUTH_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"domains": [
{
"domain": "sub.domain.tld",
"abuseType": "phishing",
"activity": "active",
"classification": "possibly-malicious",
"source": "self-reported"
}
]
}'
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
domain | string | Yes | The fully qualified domain name to submit |
abuseType | string | no | Type of abuse (e.g., phishing, malware, spam) |
activity | string | Yes | Current status (e.g., active, blocked) |
classification | string | Yes | Risk classification level |
source | string | Yes | Origin of the report (e.g., self-reported, external-reported) |
Retrieving Domain Information
Query details about a specific domain using a GET request:
curl -H "Authorization: Bearer $AUTH_TOKEN" \
"https://domain-trust.globalcyberalliance.org/api/domains/sub.domain.tld"
Response:
{
"domains": [
{
"abuseType": "botnets",
"activity": "active",
"classification": "possibly-malicious",
"comments": "Website seems to filter out UK traffic.",
"created": "2022-08-29T09:12:33.001Z",
"dateIdentified": "2022-08-29T09:12:33.001Z",
"domain": "sub.domain.tld",
"id": "0198dc96-ee46-750f-8d82-32ec1e39aebf",
"isBlocked": true,
"providerName": "Global Cyber Alliance",
"providerRating": "low-confidence",
"providerRole": "registry",
"registrationDate": "2022-08-29T09:12:33.001Z",
"reportType": "fraud",
"rootDomain": "domain.tld",
"sld": "domain",
"source": "self-reported",
"sourceName": "",
"subDomain": "sub",
"tld": "tld",
"urls": ["sub.domain.tld/malware"]
}
],
"nextPageToken": "MjAyMi0wOC0yOVQwOToxMjozMy4wMDFa"
}
Rate Limits
API requests are subject to rate limiting to ensure fair usage and system stability. Current limits are:
- 10 requests every 3 seconds