The Minerva OSINT API provides programmatic access to advanced email OSINT
and breach lookup features. Secure your accounts, enrich user data, and automate investigations.
Base URL: https://api.minervaosint.com
All endpoints require an API key in the Authorization header as
Bearer <API_KEY>.
Plans:
| Plan | Rate Limit (per request) | Features |
|---|---|---|
| Basic | 1 request / 60s | Full Email OSINT |
| Pro | 1 request / 30s | Full Email OSINT |
| Enterprise | Custom | Custom |
| Add-on: Breach Access | 1 breach request / 5s | Access to breach lookup endpoint |
Note: Breach lookup requires the "Breach Access" add-on key.
Check API status and remaining requests.
| Header | Required | Description |
|---|---|---|
| Authorization | Yes | Bearer <API_KEY> |
curl -H "Authorization: Bearer YOUR_API_KEY" https://api.minervaosint.com/status
{
"status": "The API is currently up and running correctly.",
"requestsLeft": 123
}
Performs advanced OSINT lookup on an email address.
| Parameter | Type | Required | Description |
|---|---|---|---|
| string (JSON body) | Yes | Email address to search | |
| Authorization | header | Yes | Bearer <API_KEY> |
curl -X POST https://api.minervaosint.com/search/email_osint \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email":"[email protected]"}'
{
"register": [
{
"type": "register",
"name": "clickup",
"website": "clickup.com",
"status": "VALID",
"extraData": {
"sso_required": false,
"google_sso": false,
"azure_sso": false,
"okta_sso": false
}
},
{
"type": "register",
"name": "dropbox",
"website": "dropbox.com",
"status": "VALID",
"extraData": {}
},
{
"type": "register",
"name": "patreon",
"website": "patreon.com",
"status": "RATELIMIT",
"extraData": null
}
],
"api": [
{
"type": "api",
"name": "adobe",
"website": "adobe.com",
"status": "VALID",
"extraData": {
"account_type": "individual",
"auth_methods": "google",
"account_status": "active"
}
},
{
"type": "api",
"name": "duolingo",
"website": "duolingo.com",
"status": "VALID",
"extraData": {
"username": "CoolUsername",
"name": "John Doe",
"profile_url": "https://www.duolingo.com/profile/Link To Profile"
}
},
{
"type": "api",
"name": "notion",
"website": "notion.so",
"status": "ERROR",
"extraData": ""
}
],
"breach": []
}
Uncover exposed passwords and breach records for an email address. Requires Breach
Access add-on.
Cooldown: 1 request per 5 seconds.
| Parameter | Type | Required | Description |
|---|---|---|---|
| string (JSON body) | Yes | Email address to check for breaches | |
| Authorization | header | Yes | Bearer <API_KEY> (with breach access) |
curl -X POST https://api.minervaosint.com/search/breach \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email":"[email protected]"}'
[
{
"password": "securepassword123",
"source": {
"name": "Last.fm",
"breach_date": "2012-07",
"unverified": 0,
"passwordless": 0,
"compilation": 0
},
"username": "CoolUsername6969",
"email": "[email protected]",
"fields": ["password", "username", "email"]
}
]
wait_seconds in the response.| Error | HTTP Code | Description |
|---|---|---|
| MISSING_API_KEY | 401 | No API key provided in Authorization header |
| INVALID_API_KEY | 403 | API key not found or invalid |
| ACCESS_EXPIRED | 400 | API key expired |
| NO_REQUESTS_LEFT | 400 | API key quota exhausted |
| TOO_MANY_REQUESTS | 429 | Rate limit exceeded; includes wait_seconds |
| ADDON_REQUIRED | 403 | Breach endpoint requires add-on |
| EMAIL_REQUIRED | 400 | Email parameter missing |
| INTERNAL_ERROR | 500 | Unexpected server error |
| UNKNOWN_ENDPOINT | 404 | Invalid endpoint |
For help or to upgrade your plan, contact Contact Us.