Cato Networks Knowledge Base

Generating API Keys for the Cato API (EA - Configuration API)

  • Updated

This article explains how to generate an API key for the read-only and for the write Cato APIs.


Note: This is an Early Availability (EA) feature that is only available for limited release. For more information, contact your Cato Networks representative or send an email to

Overview of Cato API Keys

The API Keys Management screen lets you generate API keys in the Cato Management Application that are used to authenticate to the Cato API server. Enter the API key for an API client (such as Postman or Altair) or for scripts to run API calls.

Cato supports two types of API calls:

  • View permissions - Perform read-only API calls to retrieve data for your account

  • Edit permissions (EA) - Perform write API calls to make changes to your account

Make sure that you copy the API key from the pop-up window. Once you close the pop-up window, you can't access the key again.

Managing API Keys

The API Keys Management screen shows you the API keys for your account. You can use this screen to generate and revoke API keys. The Name for the API key is only used to identify each key and isn't used as part of the authentication process.


Generating an API Key

Generate the key for the Cato API and then paste it in the API client or script.

To generate an API key:

  1. In the navigation menu, click Administration > API Management.

  2. On the API Keys tab, click New. The Create API Key panel opens.

  3. Enter a Key Name.

  4. Select the API Permission for this key.

  5. (Optional) Select a date that the API key Expires at.

    For API keys with Edit permissions, we recommend setting a date that the API key will Expire at.

  6. (Optional) For additional security, in Allow access from IPs, select Specific IP list, and define the IP addresses that are allowed to use this API key.

    The default setting is to allow this API key for Any IP address.

  7. Click Apply. The API key is added and a popup window containing the new API key is displayed.

  8. Click copy.png (Copy) and copy the API Key that is generated by the Cato Management Application and save it to a secure location.

    Once you close this window, you can't access the value for the API key.

  9. Click OK to close the pop-up window.

Revoking an API Key

You can revoke the API key and remove it from the Cato Management Application. Once revoked, the key can't be used to authenticate to the API server.

To revoke an API key:

  1. In the navigation menu, click Administration > API Management.

  2. In the row with the API key, click Delete.png (Delete).

  3. In the confirmation window, click Delete. The API key is revoked and removed from your account.

Was this article helpful?

0 out of 0 found this helpful



Please sign in to leave a comment.