Articles on: Integrations

Obtaining Your API Key

Integrations & API Access in Selki

Selki enables seamless integration with your internal tools, dashboards, and workflows through a powerful GraphQL API. This allows you to programmatically pull threat intelligence, phishing simulation data, and other insights directly from Selki’s platform into your own systems, SIEMs, SOARs or TIPs.


What Can You Do with the API?

Using Selki’s API, you can:

  • Query threat data (e.g., credentials found, URLs, usernames, passwords)
  • Export results from phishing simulations
  • Embed Selki security metrics into internal dashboards (e.g., PowerBI, Grafana, Splunk)
  • Automate threat ingestion into SIEM/SOAR tools
  • Run scheduled queries and audits


Screenshot Walkthrough: API Key Management

The screenshot shows the API Key Management section, which is the central place to enable and manage programmatic access to Selki's data.

API Key Management


1. Active API Key

  • A secure token that authenticates requests to the Selki API.
  • You can:
    • Regenerate the key (if compromised or for regular rotation)
    • Revoke the key to instantly disable API access
🔒 Note: Always store this key in a secure environment variable. Never expose it in front-end or client-side code.


2. Security Guidelines

  • Best practices for keeping your integration secure:
    • Never expose keys publicly
    • Rotate keys regularly
    • Use environment variables
    • Monitor logs for unauthorized API use


3. Quick Start Panel

Pre-built code snippets in:

  • cURL
  • JavaScript
  • Python


Example cURL snippet:

bash
CopyEditcurl -H "Authorization: Bearer YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -X POST https://api.selki.io/ \
     -d '{
       "query": "query GetThreats {
         threats {
           id
           url
           username
           password
         }
       }"
     }'

This example pulls a list of threat entries detected by Selki, including:

  • id: Unique identifier
  • url: Where the data was exposed
  • username and password: Compromised credentials


API Explorer

Selki includes a built-in GraphQL playground so you can explore, test, and build your queries before implementing them in production.

Key features:

  • Interactive Query Builder: Autocomplete and query assistance
  • Live Schema Documentation: See all available data structures
  • Query History: Access and reuse past queries
  • Example Queries: Use prebuilt templates to get started fast

Use the Launch API Explorer button to open the interface and start experimenting.


Use Cases

Here are a few examples of how customers use Selki’s API:

  • Sync compromised credentials to internal alerting systems
  • Export phishing campaign metrics to executive dashboards
  • Run automated nightly queries for newly discovered threats
  • Build custom reports from Selki data alongside other security tools


Pro Tips

  • Store API keys as secrets in CI/CD tools or backend environments
  • Limit permissions with API scoping (if supported in future releases)
  • Use tags or metadata in your systems to link Selki records with internal user IDs

Updated on: 08/08/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!