🔑Handle your API Keys

How to use your own API Keys with Houdin (API and WebApp)

There are 2 ways to use your own scanner API Keys with Houdin API. You can chose either one of them depending on your preference. The WebApp can only be used with the Storage method however.

Storage

By going into your Profile menu, you can save API Keys for each Houdin scanner individually. Once an API Key is saved this way, it will be used both in Houdin WebApp and Houdin API without any further action required.

API Keys are transmitted and stored in an encrypted form in Houdin's database.

We use Elliptic curve cryptography for end-to-end encryption and Argon2 hashing for encryption at rest.

Headers

When using the Houdin API, you can specify the API for each scanner you want to use via the requests headers. An example is given in the documentation for the Launch scan API endpoint:

To provide your VirusTotal API Key for the scan you can specify the following header:

X-VT-API-Key: xxxxxxxxxxxxxxxxxxx OR X-VIRUSTOTAL-API-Key: xxxxxxxxxxxxxxxxxxx

For other scanners you can use the uppercase name of each one like such:

X-URLSCAN-API-Key
X-ABUSEIPDB-API-Key
X-ALIENVAULT-API-Key
X-TRIAGE-API-Key

Last updated 2 months ago