Generating API Keys

Use a Key Id and Key Secret to access the REST APIs of IBM Application Security on Cloud and to log in from some of the Application Security on Cloud client tools (for example, from the Jenkins plug-in and from the static analysis CLI and IDE plug-ins).

About this task

A Key Id is unique to each user. If you do not have a Key Id, or if you have lost your Key Secret, you can generate a new combination.


  1. Go to Main menu () > Settings - API Key.
  2. Click Generate, and make note of the Key ID and Key Secret for your records.
    Note: You cannot retrieve the Key Secret after you navigate away from this page. A new Key Id and Key Secret are created each time you click Generate. Your previous Key ID will be deleted and replaced with the new one.

What to do next

In Swagger, use the generated Key Id and Key Secret in the /api/v2/Account/ApiKeyLogin REST API to generate a new Bearer token. Then you can use the generated Token in the access token field in the Swagger UI.