API keys allow your users to access the API. For more information on the API, see the Getting Started with the API information.
Users can generate their own API keys after an administrator has given them permission to do so. API keys can be copied one time immediately after they are generated.
Important notes
- Administrator users cannot grant API access to other administrator users.
- Administrator users cannot revoke API access from other administrator users.
- Administrator users can reset API keys for other Administrator users.
View which users have access to use the API
- Log in to Cisco Vulnerability Management.
- Click the Settings icon () and select API Keys.
- Select All Keys.
In the table you can see who has access to use the API and when the API key access status changed for the user. You can use the Search field to look for a specific user.
Manage Single Users - Grant API Access, Revoke API Access, or Reset API Key
- Log in to Cisco Vulnerability Management.
- Click the Settings icon () and select API Keys.
- Select All Keys.
- In the table, click the icon for a user and choose to Grant Access, Revoke Access or force a user to Reset API Key.
Grant API Access to Multiple Users Simultaneously
Note: Administrator users cannot grant API access to other administrator users.
- Log in to Cisco Vulnerability Management.
- Click the Settings icon () and select API Keys.
- Select Grant Access.
- In the list, select the users that you want to grant access to. You can use the Search field to look for specific users. Note: If you want to grant access to all the users on the page, click the checkbox at the top of the list. Then if you want to grant access to all the users in your organization, click Select all (xx) items.
- Click Grant.
- In the Grant Access message, click Yes, Grant Access.
Users are sent an email message with instructions about generating their API keys.
Revoke API Access for Multiple Users Simultaneously
Note: Administrator users cannot revoke API access from other administrator users.
- Log in to Cisco Vulnerability Management.
- Click on the Settings icon () and select API Keys.
- Select Revoke Access.
- In the list, select the users that you want to revoke API access from. You can use the Search field to look for specific users. Note: If you want to revoke access to all the users on the page, click the checkbox at the top of the list. Then if you want to revoke access from all the users in your organization, click Select all (xx) items.
- Click Revoke.
- In the Revoke API Keys message, type Confirm and click Yes, Revoke Access.
Users are sent an email message that states their API key no longer works.
Force Multiple Users to Change Their API Keys
- Log in to Cisco Vulnerability Management.
- Click on the Settings icon () and select API Keys.
- Select Reset API Key.
- In the list, select the users that you want to force to change API keys. You can use the Search field to look for specific users. Note: If you want to have keys to all the users on the page change their API keys, click the checkbox at the top of the list. Then if you want to have all users in your organization change their API keys, click Select all (xx) items.
- Click Reset.
- In the Reset API Key message, type Confirm, and click Yes, Reset API Keys.
Users are sent an email message that states their API key no longer works and they are required to generate a new API key.
Create or Reset an API Key (User self-service)
Prerequisite: An Administrator has granted the user permission to create their own API key.
- Click on the link in the email message that you received.
- Log in to Cisco Vulnerability Management.
- Click on the Settings icon () and select API Keys.
- Click My Key.
- Click Generate New Key.
- To copy the key, click the copy button.
API Keys and Roles
API keys follow standard permissions for roles (for more information, refer to the Role Permissions details).
To assign a key with read-only access, when you create a user, they must be given the "read-only user" role, and then you can generate a key for them.
Which API endpoints can users with custom roles use?
Users that have custom roles can use the following API endpoints, depending on the permissions that an administrator has provided them:
- Show Asset
- Show Asset Vulnerabilities
- List Assets
- Search Assets
- Validate Asset Search Query
- Validate Vulnerability Search Query
- Show Asset Group
- Show All Fixes
- Show Top Fix Groups
- List Asset Groups
- Create Child Asset Group and Risk Meter
- Update Asset
- Bulk Update Assets
- Untag an Asset
- Tag an Aset
- List Tags
- Show Vulnerability
- Update Vulnerability
- Bulk Update Vulnerabilities
- Search Vulnerabilities
- List Vulnerabilities
- Show Scanner Vulnerability Details
- Request Data Export
- Retrieve Data Export
- Check Data Export Status
- Kill Running Data Export
- Show Fix
- List Fix Alternatives
- List Fixes
- Search Fixes
Comments
Please sign in to leave a comment.