API tokens
The SixMap API provides programmatic access to your scan data, enabling you to integrate SixMap’s findings into your workflows, reports, and other applications, such as ticket systems. You can explore the API and available endpoints at:
https://api-sixmap.sixmaptech.com/sixmap/swagger
To access the SixMap API, use an authorization (Bearer) token by first generating a token ID
and token secret
in the SixMap app from Organization, API tokens, or Profile, Personal API tokens.
- Token ID: The token ID is a publicly shareable identifier for your API credentials. Similar to a username, the API uses it to identify which set of credentials you are using.
- Token secret: The token secret is a confidential key you must keep secure. Similar to a password, the API uses it to authenticate your requests and prove you're authorized to use the token ID.
When generating API credentials, you can create:
- Organization tokens: Admins create and manage organization API credentials for team, project, or organization-wide integrations, to ensure centralized control and consistent access for multiple users.
- Personal tokens: You create and manage personal API credentials for integrations or tasks, such as testing, that don't involve other users.
After you generate the token ID and token secret, exchange them for an access token to use in your API requests. For details, see Get started.
Generate a token
- In the SixMap app, navigate to:
- Organization, API tokens if you have the Admin role and are creating credentials for team, project, or organization-wide integrations.
- Profile, Personal API tokens if you're creating credentials for API integrations or tasks for your personal use.
- Select Generate new token.
- In the Token name field, provide a descriptive name for your token. For example, Reporting Script or Integration with XYZ.
- Copy the token ID and token secret and store them in a secure location.
info
If you don’t copy the token secret before you close the screen, you will need to generate a new token.
- Select Close.
Copy a token ID
To copy a token ID, navigate to Organization, API tokens, or Profile, Personal API tokens and select [icon] Copy under Token ID next to the token you want to copy. Then, paste the value in a secure location.
You can only copy the token ID portion of a token. If you need a copy of the token secret, such as if you closed the Generate new token screen too soon, delete the token and create a new one.
Delete a token
If necessary, you can delete a token. From Organization, API tokens, or Profile, Personal API tokens, select Delete under Actions next to the token ID you want to remove, then confirm your selection.
Manage user tokens
Organization admins can manage personal tokens for all users from Organization, API tokens. For example, admins can remove tokens for users who no longer work for their organization.
From the API tokens page, select Users to access a table where you can copy token IDs or delete tokens.