Authentication
The Secure Access API provides a standard REST interface and supports the OAuth 2.0 Client Credentials Flow. To get started, sign in to Secure Access and create your Secure Access API keys.
Note: API keys, passwords, secrets, and tokens allow access to your private customer data. Never share your credentials with another user or organization.
API Key Use Cases
You can use your Secure Access API keys in client programs that interact with the Secure Access platform. Create Key Admin keys to manage your Secure Access API keys.
| Key Type | Description | Use Cases |
|---|---|---|
| Secure Access API key | Secure, intent-based API key with configured key scopes and permissions and expiration date. | View and manage your network connections, users, policies, and reports. |
| Secure Access Key Admin API key | Secure API key with configured permissions and expiration date. | Create and manage the Secure Access API keys in your organization. |
Prerequisites
- You must have a Cisco Secure Access user account with the Full Admin user role.
- You must have a Cisco Security Cloud Single Sign On (SCSO) account to sign in to Secure Access.
For more information, see Cisco Secure Access Help.
Sign in to Secure Access
Sign in to Secure Access with the following URL:
https://dashboard.sse.cisco.com
Manage API Keys
Create and manage Secure Access API keys.
Create an API Key
Create an API key and secret.
Note: You have only one opportunity to copy your API secret. Secure Access does not save your API secret and you cannot retrieve the secret after its initial creation.
Navigate to Admin > API Keys.
Click API Keys and then click Add.
- The number of expired API keys appears next to the red triangle.
- The number of API keys that expire within 30 days appears next to the yellow triangle.
Enter a name and description for the key. A name must contain fewer than 256 characters. The key description is optional.
Check the key scopes and expand a key scope to view the scope categories. Check each scope category in a key scope to enable access to the API endpoints. For information about the Secure Access API key scopes, see OAuth 2.0 Scopes.
Choose Read Only or Read / Write for the selected scope and resource.
For Expiry Date, choose the expiration date for the key, or choose Never expire.
(Optional) For Network Restrictions, enter a comma-separated list of public IP addresses or CIDRs, then click ADD. Click on the X to remove a network address.
Note: You can add up to ten networks to your API key. You can only use your API key to authenticate requests for clients on the selected networks.
Click Create Key.
Copy and save your API Key and Key Secret.
Click Accept And Close.
Refresh a Secure Access API Key
Refresh a Secure Access API key and secret.
Note: You have only one opportunity to copy your API secret. Secure Access does not save your API secret and you cannot retrieve the secret after its initial creation.
Navigate to Admin > API Keys.
Click API Keys, and then expand an API key.
Click Refresh Key.
Copy and save your API Key and Key Secret.
Click Accept and Close.
Update a Secure Access API Key
Update a Secure Access API key.
Navigate to Admin > API Keys.
Click API Keys, and then expand an API key.
You can modify the API Key Name, Description, selected scopes in Key Scope, and Expiry Date.
For Network Restrictions, update the list of IP addresses and CIDRs. Click on the X to remove a network address.
Click Save.
Delete a Secure Access API Key
Delete a Secure Access API key.
Navigate to Admin > API Keys.
Click API Keys, and then expand an API key.
Click Delete. In the dialog window, click Delete to remove the API key from your organization.
Manage Key Admin API Keys
Create and manage Secure Access Key Admin API keys.
Create Key Admin Key
Create a Key Admin API key and secret.
Note: You have only one opportunity to copy your API secret. Secure Access does not save your API secret and you cannot retrieve the secret after its initial creation.
Navigate to Admin > API Keys.
Click Key Admin Keys, and then click Add.
- The number of expired API keys appears next to the red triangle.
- The number of API keys that expire within 30 days appears next to the yellow triangle.
Enter a name and description for the key. A name must contain fewer than 256 characters. The description is optional.
Check the permissions for the key.
For Expiry Date, choose the expiration date for the key, or choose Never expire.
(Optional) For Network Restrictions, enter a comma-separated list of public IP addresses or CIDRs, then click ADD. Click on the X to remove a network address.
Note: You can add up to ten networks to your API key. You can only use your API key to authenticate requests for clients on the selected networks.
Click Create Key.
Copy and save your Key Admin Key and Key Secret.
Click Accept And Close.
Refresh Key Admin Key
Refresh a Key Admin API key and secret.
Note: You have only one opportunity to copy your API secret. Secure Access does not save your API secret and you cannot retrieve the secret after its initial creation.
Navigate to Admin > API Keys.
Click Key Admin Keys, and then expand an API key.
Click Refresh Key.
Copy and save your Key Admin Key and Key Secret.
Click Accept and Close.
Update Key Admin Key
Update a Key Admin API key.
Navigate to Admin > API Keys.
Click Key Admin Keys, and then expand an API key.
You can modify the Key Admin Key Name, Description, Permissions, and Expiry Date.
For Network Restrictions, update the list of IP addresses and CIDRs. Click on the X to remove a network address.
Click Save.
Delete Key Admin Key
Delete a Key Admin API key.
Navigate to Admin > API Keys.
Click Key Admin Keys, and then expand an API key.
Click Delete. In the dialog window, click Delete to remove the Key Admin API key from your organization.
