API Key Authorization
Note: API key authorization requires Tenable.sc 5.13.x or later. For earlier versions of Tenable.sc, use the authentication token as described in Token in the Tenable.sc API Guide.
You can generate a unique set of API keys for each user account. These keys allow your application to authenticate to the Tenable.sc API without a user authentication token.
To authorize your application to use the Tenable.sc API, you must include the x-apikey header element in your HTTP request messages.
Before submitting a request, configure the user account you want to use to submit the requests, as follows:
- Enable API key authentication, as described in Enable API Key Authentication in the Tenable.sc User Guide.
- Generate API keys for a user with sufficient permissions for your request, as described in Generate API Keys Keys in the Tenable.sc User Guide.
For more information about Tenable.sc API keys, see API Key Authentication in the Tenable.sc User Guide.
x-apikey Header Element
The x-apikey header element has the following format:
x-apikey: accesskey=ACCESS_KEY; secretkey=SECRET_KEY;
SECRET_KEY parameters correspond to the API keys that Tenable.sc generates for each system user. For more information, see Generate API Keys in the Tenable.sc User Guide.
Example HTTP Request
curl -X GET -k --header "x-apikey: accesskey=4def6bc216f14c1ab86dfba8738ff4a5; secretkey=a47d1d3a071443449a75821129526b96" https://Tenable.sc/rest/currentUser
|400||Bad Request||Returned if your request specified both an authentication token and API keys.|
|Returned if your request specified API keys, but API key authentication is disabled for your Tenable.sc. For more information, see Enable API Key Authentication in the Tenable.sc User Guide.|
Returned if your request specified invalid API keys. API keys are invalid if they meet any of the following criteria:
Returned if Tenable.sc encounters any database errors during the API key recognition process.
Note: If you encounter this error, resubmit your request. If the error does not resolve on resubmit, contact Tenable Support.