Generating API Keys

Use a Key ID and Key Secret to access the AppScan 360° REST APIs and to log in from some of the AppScan 360° client tools (for example, from the Jenkins plug-in and from the Static Analyzer Command Line Utility and IDE plug-ins).

About this task

A Key ID is unique to each user. If you do not have a Key ID, or if you have lost your Key Secret, you can generate a new combination. To generate a new key, either:


  1. Go to the API key page at the AppScan 360° service:
    • https://<domain>/
  2. Generate the key through the user interface:
    1. SelectTools ( ) > API .
    2. Click Generate, and make note of the Key ID and Key Secret for your records.
      Note: You cannot retrieve the Key Secret after you navigate away from this page. A new Key Id and Key Secret are created each time you click Generate. Your previous Key ID will be deleted and replaced with the new one.

What to do next

In Swagger, use the generated Key ID and Key Secret in the /api/v2/Account/ApiKeyLogin REST API to generate a new Bearer token. Then you can use the generated Token in the access token field in the Swagger interface.