API Key Generation and Permissions

API keys allow your users to access the API. For more information about what you can do with the API, see the Getting Started with the API information.

Important: Keys are generated and distributed by administrators only. API keys can be copied one time immediately after they are generated. If a user loses their key, an admin will need to generate a new key in order to copy and distribute the key.

To manage API keys, log in to Cisco Vulnerability Management and click on the gear icon in the upper right corner of the screen.

In the drop down, click API Keys. 



On the API Keys page you can view who has an API key assigned to them by looking in the Key Issued column. You can also generate a new token for a user by clicking on the Change Token action, and remove their API Key (and access to the API) by clicking on the Revoke Token action.


Please consult company policies regarding key management to determine if keys need to be centrally stored or managed. 

Only system roles (administrators, normal and read-only) can have keys assigned at this time. API keys follow standard permissions for those roles (see Role Permissions help page for details).

To assign a key with read-only access, a user must be created with read-only user chosen as their Role, and then a key can be generated for that user.


Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.