Welcome to Tenable API Explorer! This page provides complete reference documentation for all available Tenable.io API endpoints based on OpenAPI 3 (formerly known as Swagger) specification. You can try most of the API calls out of the box.
The page also provides reference documentation for the Tenable Downloads API.
The available Tenable.io APIs are organized into the following functional categories:
- Tenable Platform
- Vulnerability Management
- Container Security
- Web Application Scanning
- Managed Security Service Provider (MSSP) Portal
Scroll down the page to view the information for these APIs or use search to look for specific terms.
Tenable Platform API includes the endpoints for authentication and access management.
For background information about user and group management, see the documentation site.
Vulnerability Management API allows you to programmatically manage assets, scans, and policies from the cloud. The endpoints provide actionable insight into your entire infrastructure’s security risks, allowing you to quickly and accurately identify, investigate, and prioritize vulnerabilities and misconfigurations in your modern IT environment.
For background information about Tenable.io Vulnerability Management, see the documentation site.
Container Security API provides the endpoints for securing container images, for example, Docker. Using the API, you can you seamlessly and securely enable DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.
Tenable Container Security API v1 is deprecated. Use Container Security API v2.
For background information about managing container security, see the documentation site.
Web Application Scanning API endpoints enable you to automate the security management for your web applications. You can safely and accurately scan web applications, providing deep visibility into vulnerabilities and context for prioritizing remediations.
The Web Application Scanning API v1 uses the same REST routes as the Vulnerability Management API. However, the resource representations include additional fields specific to Web Application Scanning.
Tenable recommends that you use Tenable.io Web Application Scanning API v2 for any new development. You can continue to use existing integrations that are based on Tenable.io Web Application Scanning API v1. Tenable will provide advance notice and migration guidance prior to deprecating Tenable.io Web Application Scanning API v1. To keep up to date on product announcements, subscribe to our RSS feed or check the API Changelog.
For background information about web application scanning, see the Tenable.io Web Application Scanning User Guide.
The Tenable.io Managed Security Service Provider (MSSP) Portal API provides a secure and accessible way for MSSP administrators to manage and maintain multiple customer instances of Tenable products. Endpoints in the Tenable.io MSSP Portal API allow you to view and manage your MSSP customer accounts.
For background information about the Tenable.io MSSP Portal, see the Tenable.io MSSP Portal User Guide.