API Access Security

Tenable Vulnerability Management allows you to restrict access to the Tenable Vulnerability Management API by specifying which IPv4 and/or IPv6 addresses can access the API. For more information about using the API, see the Tenable Vulnerability Management API Explorer documentation.

Caution: Unless your network assignments are restricted to only IPv4 addresses or only IPv6 addresses, you must specify allowed ranges for both IPv4 and IPv6 in order to avoid blocking some API traffic. It is not always predictable whether a given client will connect via IPv4 or IPv6.

To restrict Tenable Vulnerability Management API Access:

  1. In the left navigation, click Settings.

    The Settings page appears.

  2. Click the Access Control tile.

    The Access Control page appears. On this page, you can control user and group access to resources in your Tenable Vulnerability Management account.

  3. Click the API Access Security tab.

    The API Access Security options appear.

  4. In the text box, type the IPv4 addresses to which you want to grant Tenable Vulnerability Management API access.

    Tip: The list can include discrete IP addresses, IP address ranges, and IP subnets. For example, 192.0.2.0, 198.51.100.4-198.51.100.10, 203.0.113.0/24 or 2001:db8:2e92:75f2:d40a:e290:10b3:c0f, 2001:db8:1e1f:46a1:e3cb:2110:22c6:0000-2001:db8:1e1f:46a1:e3cb:2110:22c6:ffff, 2001:0DB8::/32.

  5. Click Save.

    Tenable Vulnerability Management allows only the specified IPv4 addresses to access the Tenable Vulnerability Management API.