Password Strength Detector API Documentation

This API allows you to detect the relative strength of a given password.

Changelog

• 1.1 (Latest): Updated API security.

• 1.0: Initial commit for API space.

Access

The API can be accessed from

https://infinitode.netlify.app/api/v1/password-strength-detector

---

Authentication

API Token

To use this API, you must include an API token in the request. The API token should be included in the request body as the apiKey field.

{
  "apiKey": "YOUR_API_TOKEN"
}

You can also use the API with the default GET method.

https://infinitode.netlify.app/api/v1/password-strength-detector?token=YOUR_API_TOKEN

---

Endpoint

Password strength detection

Endpoint URL:

https://infinitode.netlify.app/api/v1/password-strength-detector

HTTP Methods:

• Post

• Get

Request Body

The request body should be a JSON object with the following properties:

• apiKey: Your API token.

• password: Password to check the strength of.

Example:

{
  "apiKey": "YOUR_API_TOKEN",
  "password": "hello123"
}

Or, use the GET method:

https://infinitode.netlify.app/api/v1/password-strength-detector?token=YOUR_API_TOKEN&password=hello123

Response

Upon a successful request, you will receive a JSON response with the detected password strength. If the API token is invalid or the request fails for any reason, an error message will be included in the response. For developer API calls, validation results will also be included along with dummy content.

Example response:

{
  "password": "abcdefgh"
}

The response includes the password strength and validation results for the other inputs are excluded, since this was a normal API call.

---

Usage example

Here's a usage example in JavaScript using the fetch API:

const apiUrl = 'https://infinitode.netlify.app/api/v1/password-strength-detector';

const data = {
  "apiKey": "YOUR_API_TOKEN",
  "password": "hello123"
};

fetch(apiUrl, {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
  },
  body: JSON.stringify(data),
})
  .then(response => response.json())
  .then(result => {
    console.log('Password Strength:', result.passwordStrength);
  })
  .catch(error => {
    console.error('Error:', error);
  });

Make sure to replace 'YOUR_API_TOKEN' with your actual API token.

---

Error handling

The API may return error responses in case of invalid input or other issues. Be sure to handle errors gracefully in your application. Error responses will include appropriate status codes and error messages in the JSON format.

---

Parameters

Here are all the available parameters for the API:

`POST` method

Parameter	Description	Optional
apiKey	Your API key, either the developer API key, or your normal API key	false
password	The password (string) to detect the strength of.	false

`GET` method

Parameter	Description	Optional
token	Your API key, either the developer API key, or your normal API key	false
password	The password (string) to detect the strength of.	false

---

⚠️ Error codes

Here are a few of the error codes, you will receive in responses, to help clarify issues:

Common error codes

Error code	Description
400	Missing or invalid parameters. This is when the parameters you passed to the API, do not match the API's expected inputs.
405	Using an invalid method, to access the API.
429	The rate limit is exceeded within the current timeframe.
401	Error during the request. This can be because of insufficient API calls, input errors, or errors arising from the API's logic.

Our APIs are rigorously tested before deployments, to ensure that they do not produce any unintentional errors during production.

---

⌛ Rate limiting

We use rate limiting, to protect our API's resources. Rate limiting is implemented on all of our APIs, and follows these general principles:

- interval: The rate limiting is set to a default interval of 1 minute. - amount of requests: The amount of requests is set to a default of 25 requests within the given interval.

If the rate limit is exceeded, an error 429 code will be returned, instead of the actual API output.

---

⭐ Best practices

Common guidelines to use, optimize, and protect your implementation of our APIs.

• Do not store/share/expose your API keys

• Implement data cleaning, and validation in your code, to ensure inputs are sanitized

• Handle API errors gracefully

• Use Developer API calls, to help debug your implementation and code

• Handle API outputs accordingly. You can see examples of this API's output in the Endpoint section.

• Implement code to notify users of actions when using our APIs, such as errors, delays, formatting issues, etc.

---

❓ FAQs

Answers to the most common questions and issues when using this API:

I am getting a 405 error, what should I do?

When you are getting a 404 or NotFound error, you likely misspelled the API endpoint or URL. This could also be caused by using an invalid method to access the API.

Is rate limiting set individually, or per API key?

Rate limiting is set individually, this means that rate limiting happens on an end-user level. This ensures that our API is used fairly, among all users.

Are request timeouts a thing?

Yes, we normally timeout requests after the 10-second mark. This, however, can vary significantly, depending on various other factors.

What is the max payload size?

The maximum payload size for buffered executions is 4.5mb per request. For streamed executions, we use a payload restriction size of 20mb per request.

What is the recommended way to call the API?

If you can, call the API using the POST method. The GET method works but is not recommended, especially when you're calling it by directly modifying the URL. This is because URL parameters that are strings, can sometimes be misformatted afterwards, and then incorrectly passed to the API.

Is this a reliable way to check a password's given strength?

The logic in this API uses an algorithm to check the strength of a given password, and it may not always be reliable, based on the complexity of the password, and the code used to check for patterns in the password.

---

Conclusion

That's it! You now have the basics to use the Password Strength Detector API. If you have any further questions or encounter issues, please contact our support team.