Overview
API keys provide programmatic access for integrations and automation. Cysmiq supports personal keys and workspace keys.Key types
| Key type | Where you manage it | Scope | Notes |
|---|---|---|---|
| Personal API key | User security settings | User scoped | Can be restricted to specific workspaces |
| Workspace API key | Workspace security settings | Tenant scoped | Managed by workspace admins |
Scopes
Available scopes in the UI:| Scope | API value | Description |
|---|---|---|
| Read vulnerabilities | vulnerabilities:read | Access vulnerability lists, summary data, details, and vulnerability locations for repositories |
| Update vulnerabilities | vulnerabilities:write | Update vulnerability workflow metadata such as assignees |
| Read policy violations | policy-violations:read | Access policy violation lists and details for repositories |
| Read scans | scans:read | Access scan lists and status for repositories |
| Read organizations | organizations:read | Access organization lists and details |
| Read repositories | repositories:read | Access repository lists and details |
| Read applications | applications:read | Access application lists and details |
| Read tenants | tenants:read | List the workspaces the key can access |
applications:read or tenants:read was available, create a new key with those scopes to use application or tenant list endpoints.
Expiration options
The field is labeled Expires in the UI.- 7 days
- 30 days
- 90 days
- 180 days
- 365 days
- Never
Key lifecycle
- Create: Name the key, choose scopes, select an expiration, and optionally restrict the key to one or more workspaces
- One time display: New keys are shown once. Copy and store them securely
- Status: Keys are marked Active, Expired, or Disabled
- Usage details: View created time, last used time, expiration date, scopes, and any workspace restrictions
- Revoke: Revoke a key to permanently disable it