{
  "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "total_breaches": 1,
  "discovered_emails": [
    "<string>"
  ],
  "message": "<string>"
}

ScanResponse

Contains the immediate acknowledgement returned by POST /scan.

Key fields

scan_id: store this UUID and use it with GET /scan/{scan_id}.
status: success, no_results, or no_queries.
total_breaches: number of matched breach sources, not raw rows.
discovered_emails: optional, only for domain-driven scans that enumerate breached addresses.
message: optional context when the request resolves without usable search terms.

This response does not contain the raw breach records. Use the stored scan_id to fetch the full result payload.

Initial acknowledgement returned by POST /scan. Use scan_id with GET /scan/{scan_id} to retrieve full records.

scan_id

string<uuid>

Unique identifier for retrieving scan results via GET /scan/{scan_id}

status

enum<string>

Scan result status

Available options:

success,

no_results,

no_queries

total_breaches

integer

Number of breach databases found

Required range: x >= 0

discovered_emails

string[]

Emails discovered from domain enumeration (only present when domain was provided)

message

string

Additional context (e.g. when no keywords were provided)