{"__v":0,"_id":"5818e08ebeb0c20f000d445f","category":{"__v":19,"_id":"5615790d0f5ed00d00483dd5","pages":["5615790e0f5ed00d00483dd7","561d48e46386060d00e06003","561d48fe31d9630d001eb5bd","561d49b657165b0d00aa5d8b","561d4a879463520d00cd11e2","561d67f48ca8b90d00210234","561d6a0bf0cff80d00ca22c3","561d6c5b071cd60d000d3221","562f9c2543c5570d001fe6bd","56311c99eae7ef0d00270e3d","56311d6702aff217007dba23","56311f96f1c0580d00fac719","563120b7242cda1900198b79","5631229bf1c0580d00fac721","563131559ead230d00a188f6","563134a324014b0d00bd9a4f","5631392082d96a0d00b0fb1d","56313c584b36120d00fdebfb","5642658ef424a10d00118360"],"project":"5615790c0f5ed00d00483dd1","version":"5615790d0f5ed00d00483dd4","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-10-07T19:57:01.871Z","from_sync":false,"order":0,"slug":"opendns-investigate-rest-api","title":"Umbrella Investigate REST API"},"parentDoc":null,"project":"5615790c0f5ed00d00483dd1","user":"560b40145148ba0d009bd0b5","version":{"__v":6,"_id":"5615790d0f5ed00d00483dd4","project":"5615790c0f5ed00d00483dd1","createdAt":"2015-10-07T19:57:01.307Z","releaseDate":"2015-10-07T19:57:01.307Z","categories":["5615790d0f5ed00d00483dd5","56157b2af432910d0000f9fe","56157cfb0f5ed00d00483ddb","562684d95db46b1700fd4f48","573b7ea9ef164e2900a2b8ff","582e285d8373c20f00810608"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-11-01T18:35:58.586Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"settings":"","results":{"codes":[]},"auth":"required","params":[],"url":""},"isReference":false,"order":3,"body":"All of the API endpoints listed below conform to the same syntax of being appended to the end of an authenticated query, which will always begin with https://investigate.api.umbrella.com/. \n\nOnce you have your access token, follow the syntax in this example. Using the cURL command line, substitute your token for the %variable%:\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"curl -i -H \\\"Authorization: Bearer %YourToken%\\\" \\\"https://investigate.api.umbrella.com/dnsdb/name/a/example.com.json\\\"\",\n      \"language\": \"text\"\n    }\n  ]\n}\n[/block]\nThis request should return HTTP/1.1 200 OK and results from Investigate. If it does not, look to the HTTP codes to determine if the command or token are valid. For future queries, remove the `-i` to return only results from Investigate. Nearly all requests to Investigate are GET requests; the only exception is a POST request Domain Status for multiple domains.\n\nRequests can also be done directly in a browser that's already authenticated with Investigate by entering the URL of the query in the address bar.\n\n## Information about Rate Limiting\n\nThe API is rate limited in order to ensure the best possible performance for all customers. The limits are different based on the tier of API access that was purchased and which endpoint is being requested. The rate limit is based on the organization that owns the API key used, and the rate limit is shared across all of a given organization's API keys.\n\nFor the Domain Status and Categorization endpoint (/domains/), the rate limit is:\n\n*Tier 1* - 3 requests per second\n*Tier 2* - 300 requests per second\n*Tier 3* - 300 requests per second\n\n> Only Tier 2 and 3 are able to make bulk submissions to the categorization endpoint.\n\nFor all other endpoints, the rate limit is:\n\n*Tier 1* - 3 requests per second\n*Tier 2* - 12 requests per second\n*Tier 3 *- 48 requests per second. \n\nWhen the rate limit for an endpoint is exceeded, all additional requests above the limit will receive an HTTP 503 response (Service Unavailable) and are discarded. Requests can be resent in a subsequent batch at the next interval (one second later). \n\n\n---\n[Coding Examples](https://docs.umbrella.com/developer/investigate-api/coding-examples-1/) < **Requests** > [Error Handling](https://docs.umbrella.com/developer/investigate-api/error-handling-1/)","excerpt":"","slug":"requests-1","type":"basic","title":"Requests"}
All of the API endpoints listed below conform to the same syntax of being appended to the end of an authenticated query, which will always begin with https://investigate.api.umbrella.com/. Once you have your access token, follow the syntax in this example. Using the cURL command line, substitute your token for the %variable%: [block:code] { "codes": [ { "code": "curl -i -H \"Authorization: Bearer %YourToken%\" \"https://investigate.api.umbrella.com/dnsdb/name/a/example.com.json\"", "language": "text" } ] } [/block] This request should return HTTP/1.1 200 OK and results from Investigate. If it does not, look to the HTTP codes to determine if the command or token are valid. For future queries, remove the `-i` to return only results from Investigate. Nearly all requests to Investigate are GET requests; the only exception is a POST request Domain Status for multiple domains. Requests can also be done directly in a browser that's already authenticated with Investigate by entering the URL of the query in the address bar. ## Information about Rate Limiting The API is rate limited in order to ensure the best possible performance for all customers. The limits are different based on the tier of API access that was purchased and which endpoint is being requested. The rate limit is based on the organization that owns the API key used, and the rate limit is shared across all of a given organization's API keys. For the Domain Status and Categorization endpoint (/domains/), the rate limit is: *Tier 1* - 3 requests per second *Tier 2* - 300 requests per second *Tier 3* - 300 requests per second > Only Tier 2 and 3 are able to make bulk submissions to the categorization endpoint. For all other endpoints, the rate limit is: *Tier 1* - 3 requests per second *Tier 2* - 12 requests per second *Tier 3 *- 48 requests per second. When the rate limit for an endpoint is exceeded, all additional requests above the limit will receive an HTTP 503 response (Service Unavailable) and are discarded. Requests can be resent in a subsequent batch at the next interval (one second later). --- [Coding Examples](https://docs.umbrella.com/developer/investigate-api/coding-examples-1/) < **Requests** > [Error Handling](https://docs.umbrella.com/developer/investigate-api/error-handling-1/)