Skip to main content

Find the agent keys

Agent keys are values that authenticate the agents. Unlike user and service level authentication, they can only be used to report data collected for your organization; they cannot be used for UI access or data retrieval. Your organization can have multiple agent keys with different authentication credentials.

By using different agent keys for each team or service instead of a single, shared agent key, you can reduce security risks and gain more granular control over agent deployments.

Important

If you download a YAML configuration file from Contrast instead of using the configuration that an agent wizard creates (select Add new in the top right, select Live Application, and go to the Configuration step), the file is pre-populated with the agent keys for a specified agent key name.

If you create your own YAML file, you'll need to add the keys yourself.

Contrast provides a default agent key. Configure agent keys describes how to add multiple agent keys.

Preferred keys

The preferred key to use when installing agents is the Agent token. The Agent token replaces these legacy keys: Agent service key, Agent username, API key, and Contrast URL.

The agent versions that support the Agent token are:

  • Java 6.10.1 or later

  • .NET Framework 51.0.40 or later

  • .NET Core 4.2.22 or later

  • Node.js 5.15.0 or later

  • Python 8.6.0 or later

  • PHP 1.34.0 or later

  • Go 6.11.0 or later

Legacy keys

Note

Currently, you can continue to use the legacy keys instead of the preferred Agent token. For new agent deployments, however, it's best to use the Agent token.

For older agents, these keys are required when installing agents:

  • Agent key name (API__user_name)

  • Agent service key

  • API key

    This API key is for all agents. For the API key to use with custom scripts, use the API key under User settings.

  • Contrast URL

Steps

  1. Select User name > Organization settings in the top right corner.

  2. Select Agent keys.

    Note

    If you don't see the keys on this page, it may mean that a license has not been applied to your organization. Contact Support for help with this.

  3. Select a key name.

    Image shows a list of agent key names that you can select.

  4. Copy the keys you need.

    AgentKeyUser.png

    1. For newer agents, copy the agent key name and the agent token.

    2. For older agent, select Legacy agent keys and copy the displayed keys.

      • The Contrast URL is https://<environment>-agents.contrastsecurity.com/Contrast, or the URL of your on-premises or private cloud instance.

In this section: