Permissions and User setup

We highly recommend creating a new user tied to an alias or a new email address so that usage can be audited properly, and credentials are not tied to a real user. This is to prevent a user from being removed from Tenable and disrupting your data integration. In Settings -> Access Control -> Permissions, please make sure the user has:
  1. Permissions: Can View
  2. Objects: All assets
If you are unsure, you can create a new permission group called “API” with the above configuration and add the user used for the API credential generation to this new permission.

Generate Credentials

Log in to cloud.tenable.com
The keys that are generated have the same permissions as the user who generates them. Please make sure the user has proper permissions to view all relevant vulnerabilities, assets, scan configurations, and user access configurations. We recommend assigning the Admin role scoped to the assets that are needed to avoid permission issues.
1

Navigate to Settings

In the upper right corner, click on your user icon, then click on settings.
2

Generate Credentials

On the left menu, select API Keys, then in the lower right of the screen click the “Generate” button.
3

Enter keys

You will be presented with two keys:
  • An Access Key
  • A Secret Key
Copy these keys and enter them into the Tenable Vulnerability Management connector in the “Access Key” and “Secret Key” fields.