Generating an API key

To invoke the IBM Sovereign Core Compliance center API, you must authenticate your request using a valid API key secret generated within your IBM Sovereign Core Compliance center instance.

Warning: API keys are unique identifiers that grant access to certain aspects of your IBM Sovereign Core Compliance center instance and configurations. Always store API keys securely and limit access authorized individuals in order to prevent unauthorized requests or security-related risk to your data. You cannot recover an API key if it is lost; in this case, you must generate a new one.

Instructions

Refer to the following instructions to generate a new API key in the IBM Sovereign Core Compliance center UI.

  1. Click the key icon in the upper right corner of the IBM Sovereign Core Compliance center UI.
  2. Click Generate API key.
  3. Record the API key value and API key usage details and store these in a secure location. You cannot view the API key secret after closing the dialog box.

An API key, Request header, and API key usage example are displayed.

Note the Authorization header is used to authenticate the API requests. It contains the C_API_KEY type followed by the unique API key secret. For example:
-H "Authorization: C_API_KEY <API_key>"
Additionally, note the unique Instance ID provided as you will need to pass this value in the InstanceId header when using the API. For example:
-H "InstanceId: 0000-0000-0000-0000"

Refer to API reference and authentication for details on the various custom headers required to invoke the IBM Sovereign Core Compliance center API.

Next steps

Refer to the complete index of requests in the IBM Sovereign Core Compliance center API documentation.