Skip to main content
To use this endpoint, you must have a Pulsedive Pro or Feed plan. Your export access and permissions are determined by your plan.

Authentication Methods

Pulsedive’s TAXII server supports two authentication methods using your API key:
  • HTTP Basic Authorization: Encode your credentials using Base64 and include them in the Authorization header. Standard method required by the TAXII specification. Best for production deployments, standard TAXII clients, and automated integrations.
  • Query String Authentication: Include your API key as a URL parameter. Specific to Pulsedive’s implementation. Best for testing and debugging, manual API exploration, and simple curl commands.
For production use, always use HTTP Basic Authorization because it is the standard method and keeps your API key out of server logs and URLs.

HTTP Basic Authorization

This is the standard method required by the TAXII specification. Most TAXII clients expect this authentication method. Encode taxii2:<YOUR_API_KEY> using Base64 and include it in the Authorization header: 
GET /taxii2/ HTTP/1.1
Authorization: Basic <BASE64_ENCODED_taxii2:YOUR_API_KEY>
Accept: application/taxii+json;version=2.1

Using a TAXII Client or Library

If your client or library prompts for a username and password separately, use these credentials:
  • Username: taxii2
  • Password: <YOUR_API_KEY>
The client will automatically encode this as taxii2:<YOUR_API_KEY> and convert to Base64.

Query String Authentication

This method is specific to Pulsedive’s TAXII implementation and useful for testing or debugging. Include your API key as a URL parameter in a GET request: 
curl "https://pulsedive.com/taxii2/ \
    ?key=<YOUR_API_KEY> \
    &accept=application/taxii+json;version=2.1 \
    &pretty=1"

Endpoint

GET /taxii2/

Query Parameters

key
string
required
Your Pulsedive API key.Required for all requests, including the free test collection.
accept
string
required
Media type for the response. Use application/taxii+json;version=2.1 for TAXII requests.
pretty
enum<integer>
Indicates whether to format returned JSON results.For pretty-printed output, set to 1. For compact output, set to 0.This parameter only affects JSON output format.Available options: 0, 1 Default: 0

Testing Your Authentication

Verify your authentication works by requesting the discovery endpoint: 
# HTTP Basic Auth
curl -H "Authorization: Basic <BASE64_ENCODED_API_KEY>" \
     -H "Accept: application/taxii+json;version=2.1" \
     https://pulsedive.com/taxii2/

# Query String (for testing)
curl "https://pulsedive.com/taxii2/ \
    ?key=<YOUR_API_KEY> \
    &accept=application/taxii+json;version=2.1 \
    &pretty=1"
Both methods should return the same response with available API roots and collection information.