Quick start
The production base URL is:
https://platform.adversemonitor.com/api/v1Create or retrieve a key from the signed-in API Access page, then call a read endpoint:
curl "https://platform.adversemonitor.com/api/v1/threats?limit=10" \
-H "Authorization: Bearer am_live_YOUR_KEY"Authentication
Every documented data route requires a bearer token:
Authorization: Bearer am_live_YOUR_KEYA missing, invalid, expired, or unauthorized key returns JSON with an error field and an appropriate HTTP status.
Plans and rate limits
| Access | Minute | Day | Data window |
|---|---|---|---|
| Trial key | 5 | 100 | Trial plan window; sensitive fields redacted |
| Protection | 10 | 1,000 | Subscription window |
| Defend | Unlimited plan-level requests | Unlimited plan-level requests | Full history |
Responses include X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset. Trial keys also receive X-Trial-Expires. Unlimited access remains subject to authentication, availability, and abuse controls.
List threats
/threatsReturns newest records first with cursor pagination.
| Parameter | Description |
|---|---|
limit | Default 50; maximum 100, or 50 for trial keys |
cursor | Opaque cursor returned in meta.cursor |
category | Exact category filter |
country | Case-insensitive country match |
since | ISO date/time lower bound |
{
"data": [{
"id": "record-id",
"title": "Source title",
"summary": "Source summary",
"category": "Ransomware",
"threat_actors": ["Example actor"],
"victims": {
"countries": ["United States"],
"industries": ["Technology"],
"organizations": ["Example Company"],
"domains": ["example.com"]
},
"risk_level": "high",
"ai_analysis": "...",
"published_at": "2026-01-15T12:00:00.000Z"
}],
"meta": {
"total": 1,
"returned": 1,
"cursor": null,
"filters_applied": {"category": null, "country": null, "since": null}
}
}The example above shows the documented response fields using placeholder values.
Threat detail
/threats/{id}Returns one record, including source URL and the available analysis fields. A record outside the subscription data window returns 403.
Search
/threats/search?q=example.com&limit=25q is required and must contain at least 3 characters. limit defaults to 25 and is capped at 50. Search covers title, summary, content, actors, organizations, domains, countries, industries, source URL, and category.
Threat actors
/threat-actors?limit=50Returns actor names, mention counts, latest observed dates, and associated categories. Maximum 100, or 50 for trial keys.
Country statistics
/countries/{code-or-name}Accepts an ISO alpha-2 code such as SG, or a full country name. Returns stored threat, actor and victim counts, top actors and industries, a 30-day trend, and an optional cached summary.
Errors
| Status | Meaning |
|---|---|
| 400 | Invalid or missing parameter |
| 401 | Missing, invalid, or expired API key |
| 403 | Plan or trial-key restriction, or data outside the allowed window |
| 404 | Record or country statistics not found |
| 429 | Rate limit exceeded; inspect retry_after and rate-limit headers |
| 500 | Server error |
{
"error": "Rate limit exceeded",
"retry_after": 42
}