Change Scan Ownership

Required User Role: SCAN MANAGER [40] or ADMINSTRATOR [64]
Required Scan Permissions: OWNER [128]

Before a user leaves or changes roles within your organization, Tenable recommends that that the user assigns any scans they own to another user in the organization. Changing scan ownership enables you to retain the scan history and aggregated scan results, which does not occur if you copy a scan configuration as a new owner.

To change scan ownership in Tenable.io:

  1. Use the GET /users endpoint to determine the unique ID of the new owner. The unique ID corresponds to the id attribute of the user object in the GET /users response object.

🛈

Note

You cannot assign scan ownership to a user group.

  1. Determine the permissions you want to assign the user who previously owned the scan.

🛈

Note

When you change scan ownership in the user interface, Tenable.io automatically assigns you CAN VIEW [16] scan permissions for the scan. You may want to set similar permissions via the API.

  1. Use a PUT /scan/{scan_id} that contains the following settings parameters:
ParameterTypeDescription
settings.owner_idstringThe unique ID of the new owner.
settings.acls[]objectAn object specifying scan permissions for the user who previously owned the scan. If the request omits this object, the previous owner's permissions for the scan reverts to the setting for the default user.

Example Assessment Scan: Ownership Change

This example request body changes the scan ownership from User 1 to User 2, and assigns CAN VIEW [16] permissions for the scan to User 1.

{
  "uuid": "91cd6d4c-ead2-40e2-92f0-87f86bd80bf8d24bd260ef5f9e66",
  "settings": {
    "name": "northwest-region-assets",
    "text_targets": "192.0.2.1-192.0.2.255,",
    "owner_id": 2,
    "acls": [
      {
        "permissions": 0,
        "owner": null,
        "display_name": null,
        "name": null,
        "id": null,
        "type": "default"
      },
      {
        "permissions": 16,
        "owner": 0,
        "display_name": "[email protected]",
        "name": "[email protected]",
        "id": 1,
        "type": "user"
      }
    ]
  }
}

Did this page help you?