---
title: "Security and API integration"
slug: "security-and-api-integration"
updated: 2026-06-11T14:04:25Z
published: 2026-06-11T14:04:25Z
canonical: "help.silentpush.com/security-and-api-integration"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://help.silentpush.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security and API integration

Enhance account security and integrate with Silent Push using Two-Factor Authentication (2FA) and API keys.

## Set up 2FA

1. From your user icon, select **Account Settings > Set Up Two Factor Authentication**.
2. Scan the QR code and then select **Next**.
3. In the **Authentication Code** box, enter your authentication code.
4. Select **Next**.
  - (Optional) To copy your recovery codes, select **Copy All Codes** or the **Copy**( **) icon beside the specific recovery code.
5. Select **Done**.

API Keys are generated by an administrative user for your organization in the Organization Settings.

## Generate an API key

1. Log in as an **Organizational Admin**.
2. From your user icon, select **Organization > API Keys > +Add New API Key**.
3. Specify a **Nickname**.
4. Specify an **Expiration Date**.
5. Click **Create**.
6. The new key appears in the **API Keys** table.
7. Under **Actions**, you can copy, edit, or delete the key.

## Threat Check API

Use the [**Threat Check API**](/v1/docs/threat-check-api) for unrestricted access to our Feed data and to quickly determine whether a specific indicator is present on our Indicators of Future Attack (IOFA) feeds. The API also supports DNS-based lookups, enabling customers to perform real-time checks without incurring additional costs or limitations.

## Benefits

With the [**Threat Check API**](/v1/docs/threat-check-api), customers gain the following:

- Quickly determine if an indicator is on an IOFA feed. This allows your team to promptly identify high-risk indicators and take appropriate action, such as blocking potentially dangerous traffic.
- The ThreatCheck API is provided at no additional cost to Enterprise customers.
- The API is engineered to handle large volumes of requests. This makes it ideal for integration into systems that require real-time look-ups under heavy load.
- Integrating the ThreatCheck API into your security infrastructure is straightforward****with a simple Boolean response. It supports both API and DNS-based Lookup methods, providing flexibility in how you incorporate Threat intelligence into your workflows.

## Locate your API key

1. From your User Icon, click **Subscription**.
2. Find the [**Threat Check API**](/v1/docs/threat-check-api) key. For security, the key is masked, but you can reveal it by selecting the eye (**) icon. This key is essential for authenticating your API calls.

## Integrate the API into your tools

Use the provided API key to perform lookups directly from your tools or security systems. The API accepts an indicator, such as an IP address or a Domain, and returns a boolean value indicating whether it is present on an IOFA feed.

## Utilize DNS-Based lookups

The [**Threat Check API**](/v1/docs/threat-check-api) also supports DNS-based lookups. This is especially useful for high-volume scenarios, such as filtering inbound emails or scanning Network traffic.

An API endpoint for performing real-time lookups of threat indicators, such as IPs or domains, to assess risk and integrate with security tools.

A curated stream of threat intelligence data containing indicators of compromise (IoCs), such as malicious IPs or domains, used to monitor and mitigate cyber threats.

A feature leveraging passive DNS data to investigate and correlate related threats, such as associated IPs, domains, or other indicators.

An Indicator of Compromise (IoC) with potential to cause harm, such as a malicious IP, domain, or file hash.

The human-readable name (e.g., example.com) associated with an indicator of compromise (IoC) or network resource, used to identify and access websites or services in threat intelligence analysis.

The IP address or subnet used in typosquatting queries to identify domains mimicking legitimate ones, aiding in the detection of phishing or fraudulent infrastructure.