Domains

GET /domains/:domain

GET /domains

POST /domains/:domain

PATCH /domains/:domain

DELETE /domains/:domain

URLs

GET /urls/:url

GET /urls

POST /urls/:url

PATCH /urls/:url

DELETE /urls/:url

Users

GET /users/:id

POST /users

PATCH /users/:id

DELETE /users/:id

Authentication

POST /users/@me/tokens

GET /users/:uid/tokens/:tid

POST /users/:uid/tokens

DELETE /users/:uid/tokens/:tid

Types

TYPE Domain

TYPE CreateDomainRequest

TYPE UpdateDomainRequest

TYPE URL

TYPE CreateURLRequest

TYPE UpdateURLRequest

TYPE User

TYPE CreateUserRequest

TYPE UpdateUserRequest

TYPE PartialMainToken

TYPE CreateTokenRequest

TYPE CreateTokenResponse

TYPE CreateMainTokenRequest

TYPE CreateMainTokenResponse

Enums

ENUM DomainCategory

ENUM URLCategory

ENUM Permission

FishFish API v1 Documentation

This documentation covers how to make requests to every FishFish API endpoint. Some endpoints listed are not available for public use. Typically, only endpoints using the GET HTTP verb are public. The current base URL including version is https://api.fishfish.gg/v1.

Authentication

Routes or parameters requiring authentication are notated with Auth. Many requests to the FishFish API require authentication via an API key for the purposes of anti-abuse. You can obtain an API key by running the /key command in the FishFish Discord server. There are two types of authentication token used by the FishFish API. The first is your main token, as given by the FishFish bot, which can only be used to acquire session tokens. Tokens should be sent in the Authorization header of authenticated requests.

The second type of token is a session token, which is used to authenticate the majority of requests to the API. Session tokens are acquired by sending a POST request to the /users/@me/tokens endpoint with your main token in the Authorization header. Session tokens are valid for one hour. After they have expired you must acquire a new session token to continue making requests. Session tokens should be sent in the Authorization header of authenticated requests.

WebSocket API

We provide live updates to our database via a WebSocket feed. The WebSocket feed can be found at wss://api.fishfish.gg/v1/stream. This endpoint is authenticated. Please provide an API session token header when connecting to the API.

In order to prevent unnecessary spam to our API, it is not recommended to exclusively pull our entire domain/URL lists. Instead, recommended behavior (for example, with a Discord bot) is to pull the domain/url lists at startup, then subscribe to the feed for live updates. For redundancy, optionally pull the domain/URL lists periodically to catch potentially-missed events (recommended to do this hourly-daily).

Endpoints

Domains

Endpoints relating to domains.

Get Domain

GET /domains/:domain

Parameters

Name Type Description
domain string The domain name to get.

Responses

Qualifier Type Description
200 @Domain The domain.

Get Domains

GET /domains

Query Parameters

Name Type Description
category string The category to filter by.
Auth full boolean Whether to return full domain objects or just names.

Responses

Qualifier Type Description
200 list[string] The domains.
200 && full=true list[@Domain] The domains.

Create Domain

Auth POST /domains/:domain

Permissions required: domains

Body type: @CreateDomainRequest

Parameters

Name Type Description
domain string The domain name to create.

Responses

Qualifier Type Description
200 @Domain The created domain.

Update Domain

Auth PATCH /domains/:domain

Permissions required: domains

Body type: @UpdateDomainRequest

Parameters

Name Type Description
domain string The domain name to create.

Responses

Qualifier Type Description
200 @Domain The updated domain.

Delete Domain

Auth DELETE /domains/:domain

Permissions required: domains

Parameters

Name Type Description
domain string The domain name to delete.

URLs

Endpoints relating to URLs.

Get URL

GET /urls/:url

Parameters

Name Type Description
url string The URL to get.

Responses

Qualifier Type Description
200 @URL The URL.

Get URLs

GET /urls

Query Parameters

Name Type Description
category string The category to filter by.
Auth full boolean Whether to return full URL objects or just names.

Responses

Qualifier Type Description
200 list[string] The URLs.
200 && full=true list[@URL] The URLs.

Create URL

Auth POST /urls/:url

Permissions required: urls

Body type: @CreateURLRequest

Parameters

Name Type Description
url string The URL to create, URL-encoded.

Responses

Qualifier Type Description
200 @URL The created URL.

Update URL

Auth PATCH /urls/:url

Permissions required: urls

Body type: @UpdateURLRequest

Parameters

Name Type Description
url string The URL to update.

Delete URL

Auth DELETE /urls/:url

Permissions required: urls

Parameters

Name Type Description
url string The URL to delete.

Users

Endpoints relating to users.

Get User

Auth GET /users/:id

Permissions required: admin

Parameters

Name Type Description
id int64 The user ID.

Responses

Qualifier Type Description
200 @User The user.

Create User

Auth POST /users

Permissions required: admin

Body type: @CreateUserRequest

Responses

Qualifier Type Description
200 @User The new user.

Update User

Auth PATCH /users/:id

Permissions required: admin

Body type: @UpdateUserRequest

Parameters

Name Type Description
id int64 The user ID.

Delete User

Auth DELETE /users/:id

Permissions required: admin

Parameters

Name Type Description
id int64 The user ID.

Authentication

Endpoints relating to authentication.

Create Session Token

POST /users/@me/tokens

Body type: @CreateTokenRequest

Responses

Qualifier Type Description
200 @CreateTokenResponse The session token.

Get Main Token

Auth GET /users/:uid/tokens/:tid

Permissions required: admin

Parameters

Name Type Description
tid int64 The token ID.
uid int64 The user ID.

Responses

Qualifier Type Description
200 @PartialMainToken The partial main token.

Create Main Token

Auth POST /users/:uid/tokens

Permissions required: admin

Body type: @CreateMainTokenRequest

Parameters

Name Type Description
uid int64 The user ID.

Responses

Qualifier Type Description
200 @CreateMainTokenResponse The main token.

Delete Main Token

Auth DELETE /users/:uid/tokens/:tid

Permissions required: admin

Parameters

Name Type Description
tid int64 The token ID.
uid int64 The user ID.

Types

Domain

A domain.

Fields

Name Type Description
added int64 The time the domain was added.
category @DomainCategory The category of the domain.
checked int64 The time the domain was last checked.
description string The description of the domain.
domain string The domain.
target? string The target of the domain.

CreateDomainRequest

The request body for creating a domain.

Fields

Name Type Description
category @DomainCategory The category of the domain.
description string The description of the domain.
target? string The target of the domain.

UpdateDomainRequest

The request body for updating a domain.

Fields

Name Type Description
category? @DomainCategory The category of the domain.
description? string The description of the domain.
target? string The target of the domain.

URL

A URL.

Fields

Name Type Description
added int64 The time the URL was added.
category @URLCategory The category of the URL.
checked int64 The time the URL was last checked.
description string The description of the URL.
target? string The target of the URL.
url string The URL.

CreateURLRequest

The request body for creating a URL.

Fields

Name Type Description
category @URLCategory The category of the URL.
description string The description of the URL.
target? string The target of the URL.

UpdateURLRequest

The request body for updating a URL.

Fields

Name Type Description
category? @URLCategory The category of the URL.
description? string The description of the URL.
target? string The target of the URL.

User

A user.

Fields

Name Type Description
external_service_id? string The external service user ID of the user.
id int64 The user ID.
permissions list[@Permission] The permissions of the user.
username string The username of the user.

CreateUserRequest

The request body for creating a new user.

Fields

Name Type Description
external_service_id? string The external service user ID of the user.
username string The username of the user.

UpdateUserRequest

The request body for updating a user.

Fields

Name Type Description
permissions? list[@Permission] The permissions of the user.
username? string The username of the user.

PartialMainToken

A partial main token.

Fields

Name Type Description
id int64 The main token ID.
permissions list[@Permission] The permissions for the token.

CreateTokenRequest

The request body for creating a session token.

Fields

Name Type Description
permissions? list[@Permission] The permissions for the token.

CreateTokenResponse

The response body for creating a session token.

Fields

Name Type Description
expires int64 The time the token expires.
token string The session token.

CreateMainTokenRequest

The request body for creating a main token.

Fields

Name Type Description
permissions list[@Permission] The permissions for the token.

CreateMainTokenResponse

The response body for creating a main token.

Fields

Name Type Description
expires int64 The time the token expires.
id int64 The ID of the main token.
token string The main token.

Enums

DomainCategory

The category of the domain.

  • safe
  • malware
  • phishing

URLCategory

The category of the URL.

  • safe
  • malware
  • phishing

Permission

Valid API permissions.

  • domains
  • urls