Integrations
The integrations API manages API keys, messaging connections (Teams, Slack, email), ticketing rules (Jira, ServiceNow, Linear), and alert configuration.
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/integrations/keys | List API keys |
| POST | /api/v1/integrations/keys | Generate API key |
| DELETE | /api/v1/integrations/keys/{key_id} | Revoke API key |
| GET | /api/v1/integrations/connections | List connections |
| POST | /api/v1/integrations/connections | Create connection |
| PUT | /api/v1/integrations/connections/{id} | Update connection |
| DELETE | /api/v1/integrations/connections/{id} | Delete connection |
| POST | /api/v1/integrations/connections/{id}/test | Test connection |
| GET | /api/v1/integrations/ticket-rules | List ticket rules |
| POST | /api/v1/integrations/ticket-rules | Create ticket rule |
| PUT | /api/v1/integrations/ticket-rules/{id} | Update rule |
| DELETE | /api/v1/integrations/ticket-rules/{id} | Delete rule |
| POST | /api/v1/integrations/ticket-rules/{id}/test | Test rule |
Connection Providers
| Provider | Type | Events Supported |
|---|---|---|
| teams | Messaging | kev.new, cve.critical, cve.high, exploit.confirmed |
| slack | Messaging | kev.new, cve.critical, cve.high, exploit.confirmed |
| Messaging | All events | |
| pagerduty | Alerting | kev.new, cve.critical |
| jira | Ticketing | All events |
| servicenow | Ticketing | All events |
| linear | Ticketing | All events |
Generate an API Key
curl -X POST \
-H "Authorization: Bearer bs_live_..." \
-H "Content-Type: application/json" \
-d '{
"name": "Production SIEM",
"scopes": ["read"],
"expires_days": 365
}' \
"https://breachspider.com/api/v1/integrations/keys"
Response includes the raw key once - copy it immediately:
{
"data": {
"id": 12,
"name": "Production SIEM",
"key": "bs_live_a3f7c291d8e4b6f2c8d9e1a0b4c7d3e6...",
"prefix": "bs_live_a3f7c291",
"scopes": ["read"],
"expires_at": "2027-06-07T00:00:00Z"
}
}