Find the agent keys

The organization keys are values that represent the organization. They are sent by the agent (and API users) to identify which organization is being accessed.

  • Organization ID

  • API key

  • Contrast URL

Agent keys are common to all agents in an organization. They are values that represent and identify the agents:

  • Agent username

  • Agent service key


You can find all key values for your instance of Contrast (except the Organization ID) in the contrast_security.yaml if you download it from Contrast.

You can also view organization keys, along with your personal keys under your profile.

To view these keys:

  1. Select User name > Organization settings in the top right corner.

  2. Select API to see the values for organization keys and agent keys.


    The Contrast URL is, or the URL of your on-premises or private cloud instance.


    If you don't see the agent username or service key on this page, it may mean that a license has not been applied to your organization. Contact Support for help with this.

  3. You can Rotate agent keys to generate new keys if your credentials have been compromised.


    Rotating agent service keys will take all agents offline. Your applications will still function, but data will not be sent to Contrast. To begin using the new credentials, reconfigure the agents and restart your applications. You can use a credential management system to coordinate this change among your systems.