Click on your username on the upper right side of the screen and chooseAPIfrom the drop down menu.
The page displaying your API Key and Authorization Request will appear. Copy
your given API Key to use it as a part of the Authorization process further
in configuring Phishing Initiative.
Configure Phishing Initiative integration in Google Security Operations
For detailed instructions on how to configure an integration in
Google SecOps, seeConfigure
integrations.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis document details the configuration and usage of the Phishing Initiative integration, version 9.0, within Google Security Operations SOAR.\u003c/p\u003e\n"],["\u003cp\u003eTo obtain your API Key for the Phishing Initiative, you must sign in to your account on their website, navigate to the API section under your username, and copy the provided key.\u003c/p\u003e\n"],["\u003cp\u003eThe "Get URL Status" action allows you to check the status of a URL, returning enrichment data such as the URL itself, tag, and tag label, if they exist.\u003c/p\u003e\n"],["\u003cp\u003eThe "Ping" action can be used to verify the connectivity of the Phishing Initiative integration, with the script result indicating success or failure.\u003c/p\u003e\n"],["\u003cp\u003eThe provided JSON result examples demonstrate the data format returned by the "Get URL Status" action, showing URL status, tag and tag label information.\u003c/p\u003e\n"]]],[],null,["# Phishing Initiative\n===================\n\nIntegration version: 9.0\n\nCredentials - API Key and Token Authorization\n---------------------------------------------\n\n1. First, to obtain your API Key, sign in to your [PhisingInitiative\n Account](https://phishing-initiative.eu/contrib/).\n\n2. Click on your username on the upper right side of the screen and choose\n **API** from the drop down menu.\n\n3. The page displaying your API Key and Authorization Request will appear. Copy\n your given API Key to use it as a part of the Authorization process further\n in configuring Phishing Initiative.\n\nConfigure Phishing Initiative integration in Google Security Operations\n-----------------------------------------------------------------------\n\nFor detailed instructions on how to configure an integration in\nGoogle SecOps, see [Configure\nintegrations](/chronicle/docs/soar/respond/integrations-setup/configure-integrations).\n\nActions\n-------\n\n### Get URL Status\n\n#### Description\n\nGet the status of a URL.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the URL entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n [\n {\n \"EntityResult\": {\n \"url\": \"https: //www.dieutribenhkhop.com\",\n \"tag\": -1,\n \"tag_label\": \"notsubmitted\"\n },\n \"Entity\": \"https: //www.dieutribenhkhop.com\"\n },{\n \"EntityResult\": {\n \"url\": \"http: //markossolomon.com/f1q7qx.php\",\n \"tag\": -1,\n \"tag_label\": \"notsubmitted\"\n },\n \"Entity\": \"HTTP: //MARKOSSOLOMON.COM/F1Q7QX.PHP\"\n }\n ]\n\n### Ping\n\n#### Description\n\nTest Connectivity.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
