Authentication - Osintly Documentation

All API endpoints require a bearer token in the Authorization header.

Radar is included in the Free plan, but it still requires authentication. Create an Osintly account, generate a free API key, then call GET /radar/breaches and GET /radar/breaches/{name} with that key.

If your key belongs to a plan without Radar enabled, these endpoints return 403 with PLAN_FEATURE_REQUIRED.

Header format

Authorization: Bearer YOUR_API_KEY

Use the root auth endpoint GET / to quickly validate a token.

Validate token

curl -X GET "https://api.osint.ly" \
  -H "Authorization: Bearer YOUR_API_KEY"

Expected success response:

{
  "message": "Authorization Valid",
  "help": "https://docs.osint.ly/api-reference/quick-start"
}

Example Radar request (free API key)

curl -X GET "https://api.osint.ly/radar/breaches?limit=3&sortBy=recently-added" \
  -H "Authorization: Bearer YOUR_API_KEY"

Security Best Practices

Never commit API keys to git repositories
Store tokens in environment variables
Use separate keys for development and production
Rotate keys immediately after suspected exposure

If a token is exposed, revoke and replace it before any new deployment.

Terms and ethics

Terms of Use: https://osint.ly/terms
Ethics Policy: https://osint.ly/ethics

Next Steps

Continue with Quick Start to create and stream your first search.

API Plans & CapacityPlan activation, billing separation, API key limits, concurrency, and processing TTL behavior.

​Header format

​Validate token

​Example Radar request (free API key)

​Security Best Practices

​Terms and ethics

​Next Steps

Header format

Validate token

Example Radar request (free API key)

Security Best Practices

Terms and ethics

Next Steps