API Documentation

Comprehensive guides and API references for integrating AntiBait's email threat detection into your applications.

Basic Analysis

Free

Quick email analysis providing header and body risk scores for basic threat detection.

API Endpoint

POST

POST/api/analysis/basic

Request Body

{
  "email": "string (full raw email)"
}

Must include headers and body.

Response

{
  "status": 200,
  "success": true,
  "analysisId": "uuid",
  "cached": false,
  "score": number,
  "headerScore": number,
  "bodyScore": number,
  "threatType": null,
  "type": null,
  "confidence": null,
  "tags": [],
  "reasoning": null,
  "falsePositiveChecks": [],
  "error": null,
  "data": object
}

Example Request

Request

POST /api/analysis/basic
Content-Type: application/json
Authorization: Bearer YOUR_API_KEY

{
  "email": "From: [email protected]
  To: [email protected]
  Subject: Test Email
  
  This is a test email body."
}

Response

{
  "status": 200,
  "success": true,
  "analysisId": "550e8400-e29b-41d4-a716-446655440000",
  "cached": false,
  "score": 8,
  "headerScore": 15,
  "bodyScore": 0,
  "threatType": null,
  "type": null,
  "confidence": null,
  "tags": [],
  "reasoning": null,
  "falsePositiveChecks": [],
  "error": null,
  "data": {
    "headerDetails": { "score": 15 },
    "bodyDetails": {
      "score": 0,
      "detectedLanguage": "en",
      "categoryResults": {...}
    }
  }
}

Response Fields

statusnumber

HTTP status code (always 200 for successful requests)

successboolean

Indicates if the analysis was successful

analysisIdstring | null

Unique identifier for this analysis (UUID format)

cachedboolean

Whether the result was retrieved from cache

scorenumber

Average risk score (0-100) calculated from headerScore and bodyScore

headerScorenumber

Risk score (0-100) based on email header analysis including SPF, DKIM, DMARC checks, and sender reputation

bodyScorenumber

Risk score (0-100) based on email body content analysis including suspicious patterns, links, and attachments

dataobject

Additional analysis details including headerDetails, bodyDetails (with detectedLanguage and categoryResults), and processed email metadata

errorstring | null

Error message if analysis failed, null on success

Note: Basic analysis does not include AI-powered fields like threatType, confidence, tags, or reasoning. These are set to null or empty arrays. For comprehensive threat intelligence, use the Advanced Analysis endpoint.

Score Interpretation

Low Risk (0-30)

Email appears legitimate with minimal risk indicators

Medium Risk (31-60)

Email contains suspicious elements that warrant caution

High Risk (61-100)

Email exhibits strong phishing or malicious indicators

Basic vs Advanced Analysis

Basic analysis provides quick header and body scores. For comprehensive threat intelligence with AI-powered detection, threat categorization, and detailed reasoning, upgrade to Premium for Advanced Analysis.

Authentication Required

This endpoint requires a valid API key. Include your API key in the Authorization header as a Bearer token.

Need help integrating our API? Our support team is here to assist you.

Contact • View FAQ • Manage API Keys