Setting up access keys for programmatic access

A tenant administrator can create multiple access keys. Whereas, a user can create only two access keys. For details about the user access key, see Setting up user-level access keys.

To understand the concept of keys, see User access and keys.

Related topic

To create an access key 

  1. Navigate to User access > Users and keys page.
  2. On the Access keys tab, click Add key.
  3. Enter a name for the key.
    The key name provided in this step is only a logical representation that is used for easy identification purposes on the UI. This key name cannot be used to authenticate into the system. 
  4. From the Key type list, select Access key

    Don't select API from the Key type list unless you want to create a key for data ingestion. For more information, see Using API keys for external integrations.

  5. Select the number of days for which you want this key to be valid. 

    You can also set a custom date or set it to never expire. Although you can set the key to never expire, for enhanced security purposes, we recommend that you set a definite key expiry date. After the key expires, you can extend the date by editing the access key.

  6. Click Confirm. You can now assign groups and roles to this user.
  7. From the Key details pane, copy the access key and the secret key.

    Can I copy the secret key later?

    The secret key is available for copying only when it is generated for the first time. After that, it is stored in an encrypted format and you cannot copy it. If you do not copy the secret key when it is generated or if you lose it, you must generate a new one.

  8. (Optional) To assign appropriate permissions to the access key:

    • If you have user groups that are associated with roles containing appropriate permissions, assign user groups.

    • If you have roles with appropriate permissions, assign roles.
      You can also assign groups and roles later by clicking Actions > Key details

  9. Close the Key details pane.

Managing access keys

Navigate to the User access > Users and keys page, and click the Access keys tab.

From the Key details pane (Actions menu of an access key), you can do the following:

Modify the key expiryProvide a custom value for the key expiry or set it to never expire.
All Administrator group members and the user who created and modified the key receive an email notification two days before the key expires.
Change the user group and role assignments

In the Assignments section, click Select to select appropriate user groups or roles.

When the user group or role assignments change, the impacted users receive a bell notification.

Generate a new secret key

In scenarios where you want to delete the existing secret key or you have lost the existing secret key, you can generate a new one by clicking Generate new secret key.

You can copy the secret key immediately after it is generated. After you close the window, the secret key is stored in an encrypted format and is unavailable for copying.


(Only for BMC Helix Operations Management)

Do not generate a new secret key for access keys where the key name begins with <Tenant ID@>

For more information, see  Troubleshooting Open link .

Copy the key details (access key, secret key, and tenant ID).

The keys are copied in the following format: key:<access key>::<secret key>,tenant id: <tenant ID>

The secret key is available for copying only during creation of a new key. After that, it is copied in an encrypted format. If you do not copy the secret key when it is generated or if you lose it, you must generate a new one.

From the Actions menu of an access key, you can delete an access key, view permissions, or activate or deactivate a key.

Was this page helpful? Yes No Submitting... Thank you