Generate API Keys
Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
The API keys associated with your user account enable you to access the API for all Tenable Vulnerability Management products for which your organization is licensed.
Note: Tenable Vulnerability Management API access and secret keys are required to authenticate with the Tenable Vulnerability Management API.
Note: The API keys associated with your user account enable you to access the API for all Tenable Vulnerability Management products for which your organization is licensed. You cannot set separate keys for individual products. For example, if you generate API keys in Tenable Vulnerability Management, this action also changes the API keys for Tenable Web App Scanning and Tenable Container Security.
Note: Be sure to use one API key per application. Examples include, but are not limited to:
- Tenable Vulnerability Management integration
- Third-party integration
- Other custom applications, including those from Tenable Professional Services
The method to generate API keys varies depending on the role assigned to your user account. Administrators can generate API keys for any user account. For more information, see Generate Another User's API Keys. Other roles can generate API keys for their own account.
To generate API keys for your own account:
- Do one of the following:
In the upper-left corner, click the button.
The left navigation plane appears.
In the left navigation plane, click Settings.
The Settings page appears.
Click the My Account tile.
The My Account page appears, where you can view and update your account details.
In the upper-right corner, click the button.
The user account menu appears.
- Click My Account.
The My Account page appears.
- Click My Account.
Click the API Keys tab.
The API Keys section appears.
The Generate API Keys window appears with a warning.
Caution: Any existing API keys are replaced when you click the Generate button. You must update the applications where the previous API keys were used.
Review the warning and click Generate.
Tenable Vulnerability Management generates new access and secret keys, and displays the new keys in the Custom API Keys section of the page.Tip: If the Generate button is inactive, contact your administrator to ensure they've enabled API access for your account. For more information, see Edit a User Account.
Copy the new access and secret keys to a safe location.
Caution: Be sure to copy the access and secret keys before you close the API Keys tab. After you close this tab, you cannot retrieve the keys from Tenable Vulnerability Management.