API Documentation
API Documentation
Integrate the Hunto AI CTEM platform with your existing security tools using our comprehensive REST API.
Getting Started
The Hunto AI API is organized around REST. Our API has predictable resource-oriented URLs, accepts JSON-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes.
Authentication
All API requests require authentication using an API key. Include your API key in the request header:
Authorization: Bearer YOUR_API_KEY You can generate API keys from your account dashboard under Settings → API Keys.
Base URL
https://api.hunto.ai/v1 Common Endpoints
List all phishing campaigns
Create a new phishing campaign
Retrieve security scoring metrics
List available training courses
Fetch DMARC aggregate reports
Example Request
curl -X GET 'https://api.hunto.ai/v1/phishing/campaigns' \
-H 'Authorization: Bearer YOUR_API_KEY' \
-H 'Content-Type: application/json'Example Response
{
"data": [
{
"id": "camp_123",
"name": "Q1 2024 Security Training",
"status": "active",
"created_at": "2024-01-15T10:00:00Z",
"targets": 500,
"clicks": 42
}
],
"meta": {
"total": 15,
"page": 1,
"per_page": 10
}
}Rate Limiting
API requests are rate-limited to ensure platform stability:
- Standard Plan: 1,000 requests per hour
- Professional Plan: 5,000 requests per hour
- Enterprise Plan: 20,000 requests per hour
Rate limit information is included in response headers:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 847
X-RateLimit-Reset: 1640995200 Webhooks
Subscribe to real-time events using webhooks. Supported events include:
campaign.started- Phishing campaign initiatedcampaign.completed- Campaign finishedemail.clicked- User clicked phishing email linktraining.completed- User finished training moduledmarc.failure- DMARC authentication failure detected
Error Handling
The API uses standard HTTP status codes:
Need Help?
For detailed API references, code examples, and integration guides, contact our support team.