- In Cortex XSOAR, navigate to Settings > Integrations > API Keys.
- Select New Key.
- Choose the type of API Key you want to generate based on your desired security level: Advanced or Standard. The Advanced API key hashes the key using a nonce, a random string, and a timestamp to prevent replay attacks. cURL does not support this but is suitable with scripts. Use the example script to create the advanced API authentication token.
- If you want to define a time limit on the API key authentication, mark Enable Expiration Date and select the expiration date and time. Navigate to Settings > Integrations > API Keys to track the Expiration Time field for each API key. In addition, Cortex XSOAR displays an API Key Expiration notification in the Notification Center one week and one day prior to the defined expiration date.
- Provide a comment that describes the purpose for the API key, if desired.
- select a predefined or custom role. For more information about roles, see Roles in Cortex XSOAR.
- Generate the API Key.
- Copy the API key, and then click Close. This value represents your unique
Authorization:{key}.
warning You will not be able to view the API Key again after you complete this step. Ensure that you copy it before closing the notification.