Skip to main content

For AI agents

This guide is for AI agents (LLM-based systems that need to autonomously authenticate with and use Encrata’s APIs). If you’re a developer configuring an agent, see For Developers.

Discovery

Fetch the auth file from Encrata’s domain:
The file contains everything needed to authenticate and operate. Parse it once at startup and cache locally. It changes only on API updates.

Minimum steps to operate

1. Authenticate

If you have an API key (format: enc_live_ + 32 chars), skip to step 3. If you have user credentials:

2. Create an API key

Use the session token from step 1:
Store the returned key value securely. It’s shown exactly once.

3. Make API calls

Use the API key as a Bearer token:

Available endpoints

Credit system

Every lookup costs credits:
  • Check balance before expensive operations: GET /api/credits
  • Handle 402 responses gracefully. Alert the user that credits are exhausted
  • Don’t retry on 402. The operation won’t succeed without a top-up

Error handling

MCP alternative

If your platform supports MCP, you can skip HTTP entirely:
Tools available: lookup_email, lookup_phone, lookup_ip, lookup_domain, lookup_company, google_search, google_dork, darkweb_search, onion_search, onion_render, username_search, check_credits.

Behavioral guidelines

  • Be efficient - batch related lookups when possible rather than making many sequential calls
  • Respect rate limits - self-throttle to avoid 429 responses
  • Cache results - enrichment data doesn’t change frequently, cache for at least 1 hour
  • Check credits proactively - before starting a batch of lookups, verify sufficient balance
  • Handle failures gracefully - never crash on API errors, always have a fallback response for the user

Revocation

API keys can be revoked at any time by the user via their dashboard or the API. If you receive a 401 on a previously-working key:
  1. Do not attempt to create a new key automatically
  2. Inform the user that access has been revoked
  3. Wait for the user to provide a new key or re-authorize