Create and manage API keys with granular permissions and sub account access, enabling you to integrate Imperva into your environment and streamline processes. For example, you can automate security responses, integrate dashboards and reports, or onboard new sites.

For more details on the API authentication method, see Authentication.

Overview

The account administrator or a user with equivalent permissions can manage API Keys.

  • API keys inherit the user's permissions and sub account access.
  • Any user with the Manage API keys permission can create and manage their own API keys (up to 5 keys per user account).
  • The account admin or any user with the appropriate permissions (Manage users and permissions and Manage API keys) can create and manage keys for all account users.
  • Add a name and description to an API key to indicate what it is used for.
  • Export key details. This action exports details such as user, name, description, and status in csv format. It does not export the key itself.

Log integration: The API Key/ID which is used for logs is available on the Log Setup page only. It is not listed here.

Create and manage API keys

Add, edit, enable, disable, reset, and delete API keys.

Note: When you reset an API key, the API ID remains the same and a new key is generated that overrides the previous one.

Account Admin or user with the appropriate permissions:

  1. In the Cloud Security Console, open the Account Users page. For details, see Manage Account Users.

  2. Click a user row to view the user details.

  3. Click Add API Key to generate the API ID and Key.

  4. Copy the details from the popup window. Once the pop up window with the generated ID & key is closed, you will no longer be able to retrieve the key.

User with limited permissions:

Note: Users with access to the Cloud Security Console's new My Profile page can now manage their API keys on that page. They are no longer able to access the API Keys page.

For more details, see My Profile

  1. In the Cloud Security Console top menu bar, click Account > Account Management.

  2. On the sidebar, click User Management > API Keys.

  3. Click Add API Key to create a new key.

  4. Copy the details from the popup window. Once the popup window with the generated ID and key is closed, you will no longer be able to retrieve the key

  5. Select an option under the More column to edit, enable/disable, reset, or delete a key.

Examples

API key expiration

When you create or reset an API key, you can set an expiration date. By default, API keys do not expire.

You can select the following time periods for expiration:

  • 3 months
  • 6 months
  • 1 year
  • Never

Grace period

  • Expired API key: When an API key has expired, you can still use it for a grace period of two weeks.
  • Reset API key: When you reset an existing API key, the previous key will still work for a period of two weeks from its expiration date or from the time it is reset - whichever comes first.
  • Additional reset during the two week grace period: Resetting the key more than once within the grace period cancels any earlier key resets. The grace period is valid for the last reset only. The keys generated by previous resets are no longer valid.

Extending the validity period of the API key

Email notifications will be sent to you before the API key expires. The email will include a link enabling you to extend the validity of the API key for two weeks.

Read More