This guide walks you through creating a **Tenable Web Application Scanner (WAS)** integration.

## Configure New API Keys for Integration

### 1. Create a Service Account

Log in to Tenable as an administrator, click the Settings gear in the top right corner, and go to **Access Control**.

- Create a service user account using an email that is not tied to an individual employee.
- Assign the new account the minimal role of **Basic User**.
- Log out of the administrator account, then log in using the newly created service account.


### 2. Create API Keys for Service Integration

Click on the profile avatar for the logged-in user and navigate to the user's **My Profile**.

- In the left-side navigation, select **API KEYS**.
- In the bottom-right, click the **Generate** button. A warning in the top-right will appear, stating that this operation will overwrite any previously generated keys. Click **Continue**.
- You will be provided with two keys: **access key** and **secret key**. Copy and store these in a secure vault for later use.


## Configure the Integration

Create your integration by supplying all configuration values.

**Secret:**
`accessKey=access-key;secretKey=secret-key` (copy the keys from Step 2 above)