Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encrata.com/llms.txt

Use this file to discover all available pages before exploring further.

Lead enrichment pipeline

Enrich a list of leads, skipping invalid emails to save credits: 
import requests

API_KEY = "YOUR_API_KEY"
HEADERS = {"Authorization": f"Bearer {API_KEY}", "Content-Type": "application/json"}

leads = ["ceo@stripe.com", "fake@nonexistent.xyz", "satya@microsoft.com"]

for email in leads:
    # Free validation first
    resp = requests.post(
        "https://encrata.com/api/agent/validate",
        headers=HEADERS,
        json={"e": email},
    )
    if resp.json().get("status") != "valid":
        print(f"⏭ Skipping {email} ({resp.json().get('status')})")
        continue

    # Paid enrichment only for valid emails
    resp = requests.post(
        "https://encrata.com/api/agent/lookup",
        headers=HEADERS,
        json={"e": email},
    )
    person = resp.json()
    print(f"✓ {person.get('n')}{person.get('co')} ({person.get('role')})")

Security audit — breach check

Scan your user base for compromised accounts: 
import requests

API_KEY = "YOUR_API_KEY"
emails = ["user1@company.com", "user2@company.com", "user3@company.com"]

compromised = []
for email in emails:
    resp = requests.post(
        "https://encrata.com/api/agent/breaches",
        headers={"Authorization": f"Bearer {API_KEY}"},
        json={"e": email},
    )
    data = resp.json()
    if data.get("breach_count", 0) > 0:
        compromised.append({"email": email, "breaches": data["breach_count"]})

print(f"Found {len(compromised)} compromised accounts")

Monitor job changes

Track when key contacts change roles: 
# Create a monitor
curl -X POST https://encrata.com/api/agent/monitors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Key Prospects",
    "monitor_type": "email",
    "emails": ["ceo@example.com", "cto@startup.io"],
    "frequency": "weekly",
    "tracked_fields": ["company", "job_role", "city"]
  }'

# Trigger a run manually
curl -X POST https://encrata.com/api/agent/monitors/mon_abc123/run \
  -H "Authorization: Bearer YOUR_API_KEY"

# Check results with changes only
curl "https://encrata.com/api/agent/monitors/mon_abc123/runs/run_xyz/results?changes_only=true" \
  -H "Authorization: Bearer YOUR_API_KEY"

Domain intelligence

Investigate a suspicious domain: 
const API_KEY = "YOUR_API_KEY";

async function investigateDomain(domain) {
  const [domainInfo, darkweb] = await Promise.all([
    fetch("https://encrata.com/api/agent/domain", {
      method: "POST",
      headers: { Authorization: `Bearer ${API_KEY}`, "Content-Type": "application/json" },
      body: JSON.stringify({ q: domain }),
    }).then((r) => r.json()),

    fetch("https://encrata.com/api/agent/darkweb", {
      method: "POST",
      headers: { Authorization: `Bearer ${API_KEY}`, "Content-Type": "application/json" },
      body: JSON.stringify({ q: domain }),
    }).then((r) => r.json()),
  ]);

  return {
    registrar: domainInfo.registrar,
    created: domainInfo.creation_date,
    darkweb_mentions: darkweb.total,
    threat_level: darkweb.total > 10 ? "high" : darkweb.total > 0 ? "medium" : "low",
  };
}

Webhook receiver (Node.js)

Verify and process Encrata webhook deliveries: 
const express = require("express");
const crypto = require("crypto");

const app = express();
const WEBHOOK_SECRET = "your_webhook_secret";

app.post("/webhooks/encrata", express.raw({ type: "application/json" }), (req, res) => {
  // Verify signature
  const signature = req.headers["x-encrata-signature"];
  const expected = crypto.createHmac("sha256", WEBHOOK_SECRET).update(req.body).digest("hex");

  if (!crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected))) {
    return res.status(401).send("Invalid signature");
  }

  const event = JSON.parse(req.body);

  switch (event.event) {
    case "lookup.completed":
      console.log(`Lookup done: ${event.data.email}`);
      break;
    case "monitor.run.completed":
      console.log(`Monitor run finished: ${event.data.changes_detected} changes`);
      break;
    case "credits.low":
      console.log("⚠️ Credits running low!");
      break;
  }

  res.status(200).send("ok");
});

app.listen(3000);

IP threat scoring

Check if an IP is suspicious: 
import requests

def check_ip_threat(ip, api_key):
    resp = requests.post(
        "https://encrata.com/api/agent/ip",
        headers={"Authorization": f"Bearer {api_key}"},
        json={"ip": ip},
    )
    data = resp.json()

    return {
        "ip": ip,
        "country": data.get("country"),
        "is_vpn": data.get("is_vpn"),
        "is_proxy": data.get("is_proxy"),
        "is_tor": data.get("is_tor"),
        "threat_score": data.get("threat_score"),
        "company": data.get("company"),
    }

# Check a batch of IPs from your login logs
suspicious_ips = ["185.220.101.1", "104.244.72.115"]
for ip in suspicious_ips:
    result = check_ip_threat(ip, "YOUR_API_KEY")
    if result["is_tor"] or result["is_proxy"]:
        print(f"🚨 {ip} — VPN/Tor/Proxy detected ({result['country']})")