Authorization

Tenable's cloud platform generates a unique set of API keys for each user account. These keys allow your application to authenticate to Tenable's API without creating a session.

To authorize your application to use the Tenable's API, you must include the X-ApiKeys header element in your HTTP request messages.

X-ApiKeys Header Element

The X-ApiKeys header element has the following format:

X-ApiKeys: accessKey=ACCESS_KEY; secretKey=SECRET_KEY;

The ACCESS_KEY and SECRET_KEY parameters correspond to the API keys that Tenable generates for each system user. For more information, see Generate an API Key in the Tenable Vulnerability Management User Guide.

Example

curl -H "X-ApiKeys: accessKey=2c935f507d0686382bb383e4daf92eef8b4a349b9b9de2bf85343c0f7e7265db;secretKey=0553ac5757e8e741d6ef034dc06618106e7855887428e662adcde8862d017cf9" https://cloud.tenable.com/scans