Guides
/
Provider Configuration
/
Rapid7 InsightVM Configuration Guide

This guide walks you through creating a Platform API key and gathering the configuration needed to create a Rapid7 InsightVM integration for vulnerability findings.

Configure a new Rapid7 Platform API key

1. Log in to Rapid7 InsightVM product as an administrator

Once logged in, click the small settings gear in the top right corner and go to 'Users'.

2. Create a user with the correct minimum permissions

API Keys have the same permissions as the user they are associated with. You may use an existing user for this purpose; however, it is suggested you create a user specific to this integration that only has the necessary permissions. To do this, click the 'Create User' button.

Fill in a first and last name and email address. You need access to this email to activate the user once created, but it is not necessary that the user corresponds to an actual human. In production, it is advisable to create a service account and ensure that the service account only has the minimal permissions required.

Assign the user to the 'InsightVM' product under the Manage Individual Permissions > Products tab.

  • Your Organization name

Assign the user to the following roles (or higher) in Manage Individual Permissions > Roles tab:

  • Administrator (shared)

Click Add User to confirm creation.

Log out of Rapid7 InsightVM product.

Open the email account associated with the user or service and find the link to activate the account in Rapid7 InsightVM.

3. Create the Platform API key

Log in with the user/service you would like to associate with your integration. It is suggested you create one with the minimum assigned roles as described in step 2.

Once logged in, click the small settings gear in the top right corner and go to API Keys.

On the left side Navigation, you will find API KEY MANAGEMENT > Organization Keys.

Follow the Rapid7 documentation for creating an Organization Platform API key.

Once created, copy your API key to a safe location for use as your integration token. If you lose the key, you cannot view it again. You will need to generate a new token.

Configure the Integration

Create your integration by supplying all configuration values.

URL
Select the regional URL you would like to use for Rapid7's InsightVM product. Supply the base URL for your configuration without any path components (e.g., https://us2.api.insight.rapid7.com).

Token
This is the Platform API key gathered in step 3.

Previous page
Next page