Generate API Keys

Required User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

The API keys associated with your user account enable you to access the API for all Tenable.io products for which your organization is licensed.

Note: Tenable.io API access and secret keys are required to authenticate with the Tenable.io API.

Note: The API keys associated with your user account enable you to access the API for all Tenable.io products for which your organization is licensed. You cannot set separate keys for individual products. For example, if you generate API keys in Tenable.io Vulnerability Management, this action also changes the API keys for Tenable.io Web Application Scanning and Tenable.io Container Security.

Note: Be sure to use one API key per application. Examples include, but are not limited to:

  • Tenable.io integration
  • Third-party integration
  • Other custom applications, including those from Tenable Professional Services

The method to generate API keys varies depending on the role assigned to your user account. Administrators can generate API keys for any user account. For more information, see Generate Another User's API Keys. Other roles can generate API keys for their own account.

To generate API keys for your own account in the new Tenable.io interface:

  1. Do one of the following:
    • In the upper-left corner, click the Menu button.

      The left navigation plane appears.

      1. In the left navigation plane, click Settings.

        The Settings page appears.

      2. Click the My Account tile.

        The My Account page appears.

    • In the upper-right corner, click the button.

      The user account menu appears.

      1. Click My Account.

        The My Account page appears.

  2. Click the API Keys tab.

    The API Keys section appears.

  3. Click Generate.

    The Generate API Keys window appears with a warning.

    Caution: Any existing API keys are replaced when you click the Generate button. You must update the applications where the previous API keys were used.

  4. Review the warning and click Generate.

    Tenable.io generates new access and secret keys, and displays the new keys in the Custom API Keys section of the page.

  5. Copy the new access and secret keys to a safe location.

    Caution: Be sure to copy the access and secret keys before you close the API Keys tab. After you close this tab, you cannot retrieve the keys from Tenable.io.