Using PasswordPing


The PasswordPing APIs are implemented as a series of RESTful web services with JSON payloads. All APIs must be accessed via HTTPS and require authentication.

As is standard for REST APIs, API call parameters for GET requests are submitted in the query string for GET requests.For POST requests, parameters are submitted in the body as a JSON payload. The Content-Type header should always be set to application/json.

The API endpoint is:

https://api.passwordping.com/v1/{service}

API Authentication


All API endpoints require an HTTP basic authentication header. Your API Key is the username and your Secret is the password portion of the header. The authentication header value is constructed in the standard fashion:

authorization: basic Base64Encode({Your API Key}:{Your Secret})

So, for example, if your API Key is b38f5a609f01442fb8ceb1aa02474903 and your Secret is 8e8a185dfa3e437f85afba165ce407b4, the resultant authentication header would be

authorization: basic YjM4ZjVhNjA5ZjAxNDQyZmI4Y2ViMWFhMDI0NzQ5MDM6OGU4YTE4NWRmYTNlNDM3Zjg1YWZiYTE2NWNlNDA3YjQ=

API Responses

PasswordPing uses HTTP status codes to indicate success/failure conditions for API calls. Below is a listing of the response codes used for all PasswordPing API calls along with their meaning.

Response Description
200 Success. Body will contain appropriate response.
400 Required parameters were either missing or invalid.
401 Authentication header either missing or API key/Secret were not valid. Check the response body for more information.
403 Either the rate limit or monthly quota have been exceeded. Check the response body for more information.
404 For GET calls, indicates the requested entity was not found.
500 Unexpected error. Check the response body for more information.

Individual API calls may have additional response codes listed in the documentation for that call.