Workbench allows you to create and manage your API keys via service accounts. Each service account has specific access restrictions or role settings and can hold and organize multiple API keys, and you may create multiple service accounts if you choose.
For help with the Workbench API, go to the API reference docs.
Note
An API key is different from a temporary access token. Temporary access tokens expire in 13 hours while API keys do not expire.
Prerequisites
- You must have API access to view the Service Accounts page and to generate API keys (contact sales to upgrade).
- You must have admin privileges in Workbench to manage service accounts or API keys.
Quick Links
Generate Your First API Key
To generate an API key, you must first create a service account. Remember, you must have API access to view the Service Accounts page in Workbench.
- Log in to Workbench.
- In the side menu, navigate to Organization Settings > Service Accounts. If you have multiple organizations, you must select the appropriate organization name from the list.
- Select Add Service Account.
- Complete the fields as follows:
- Service Account Name - enter a name that might help you easily identify this service account.
- Workbench Service Account Role - select the appropriate role for this service account (organization admins can access all API calls; organization analysts can perform common non-administrative API calls like marking investigative actions complete or sending remediation actions to another tool, but they cannot perform administrative calls like adding context or users).
- To enable read-only API access for the service account, select the Read-only Access checkbox.
- Select Save.
- In the new service account, select Generate API Key.
- Enter a name for the API key, then select Next.
- Copy the API key and save it to a safe place (this is the only time you can view your API key), then select Done.
Manage Your Service Accounts
If you want your API keys to have different permission levels, you must create different service accounts. Each service account has its own permission settings that apply to all of the API keys within it.
You can edit, delete, or disable your service accounts at any time on the Service Accounts page (Organization Settings > Service Accounts). If you have multiple organizations, you must first select the appropriate organization name from the list.
Note
Use caution when deleting, as you cannot restore a deleted service account. Deleting a service account will also delete all of its API keys.
Manage Your API Keys
If you have multiple service accounts, you must generate your API key within the service account that has the permission level you want to set. The API key takes on the permissions of the service account it is in.
You can generate API keys or delete them at any time on the Service Accounts page (Organization Settings > Service Accounts). If you have multiple organizations, you must first select the appropriate organization name from the list.
Note
Use caution when deleting, as you cannot restore a deleted API key. Make sure the key is not used by critical services or processes before you delete it.