We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.


  • Last updated on

Permission Required to use this API Endpoint

Requires API key, username, and password. No additional permission is required.

Create an access token

Post your username, password, and API key to receive an access token for all other actions. All other actions will require a valid access token created from this endpoint. If the token becomes invalid, retrieve another one with this endpoint. The token expires every 24 hours (maximum), but might expire before then. If it expires, call the authenticate endpoint again.

Make your API requests from the same IP address you used when retrieving your access token. If you use a different IP address, your API calls will be unsuccessful, returning a 401 – Not Authorized response. 

POST /authenticate
Parameter Parameters
Name Type Description
bof_ticket_userString Your assigned username.
bof_ticket_pw String

Your assigned password.

api_key String

Your assigned key.


Examples and usage

curl -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d '{
"bof_ticket_user": "USERNAME",
"bof_ticket_pw": "PASSWORD",
}' "https://api.phishline.com/phishline_example/rest/authenticate"


Success Response and example


HTTP/1.1 200 OK
 "status": 200,
 "statusMessage": "OK",
 "statusDetails": {
 "Reason": "Authentication created."
 "entity": "accesstoken",
 "jobid": 0,
 "notifications": {
 "API Token Expiration Date": "N\/A",
 "Maximum API calls per hour": 1000,
 "Your API calls in the last hour": 7
 "data": {
 "access_token": "ab34ef56gbdgbb139215nda72751111e64e"


Success 200
Name Type Description

The access token. You will use this access token either in the query string, or as an Authorization header, named 'access_token' on all subsequent API calls.

Error 4xx
Name Type Description

Your attempt to authenticate failed. Please check your credentials and try again.


Authentication failure: Bad API Key.


Error Response

Response (example):

HTTP/1.1 401 Not Authorized
 "status": 401,
 "statusMessage": "NotAuthorized",
 "statusDetails": {
 "Reason": "Authentication failure: Bad API Key."
 "entity": "unknown",
 "jobid": 0,
 "notifications": [],
 "data": []



Last updated on