# Configuring API keys for external systems

To enable specific security scanning and AI-powered analysis features, API keys must be configured in ScanSuite. Follow the steps below to set up the necessary API keys.

Open the **Settings** menu:

<figure><img src="https://4294115650-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnKyTIO2cfH1PztWRwJEe%2Fuploads%2FaSvqXw06qzpVx64F99TP%2Fimage.png?alt=media&#x26;token=71f90547-6835-45b4-a848-196af1516c0e" alt=""><figcaption></figcaption></figure>

#### **1. OpenVAS Configuration** *(Infrastructure Scans)*

ScanSuite requires OpenVAS credentials to execute infrastructure scans.

* Specify the **OpenVAS URL, login, and password** in the ScanSuite settings.
* OpenVAS can be installed on either the **same host** as ScanSuite or a **separate server**.
* Follow the official installation guide:\
  🔗 [OpenVAS Installation Guide](https://greenbone.github.io/docs/latest/22.4/container/index.html)

***

#### **2. OpenAI API Configuration** *(AI-Powered Features)*

**OpenAI API** specification is supported for AI-generated content, such as **custom scanning rules or static code analysis**.

Both local and cloud LLMs are supported.&#x20;

* Obtain an API key at:\
  🔗 [OpenAI API Key Management](https://platform.openai.com/api-keys)
* Or set up the connection to the LLM in local network: \
  🔗 [Ollama OpenAI setup ](https://ollama.com/blog/openai-compatibility)

***

#### **3. Dehashed API Key** *(Leaked Credentials, OSINT)*

**Deshashed API key** is required for to query leaked credentials for domain names, analysed during Infrastructure OSINT scan.

* Obtain an API key at:\
  🔗 [Dehashed API Key Management](https://dehashed.com/)

***

#### **4. Shodan API key**  *(OSINT Scan)*

**Shodan API key** is required to check for the known services and vulnerabilities for the hosts discovered during the Intrastructure OSINT scan.

* Obtain an API key at:\
  🔗 [Shodan API Key Management](https://developer.shodan.io/api/requirements)

***

#### **5. Snyk API Key** *(SCA & SAST Scans)*

A **Snyk API key** is required for **Snyk-based security scans**. Obtain a free API key by following these steps:

1. **Create a Snyk account**:\
   🔗 [Sign Up or Log In to Snyk](https://app.snyk.io/login)
2. **Enable Snyk Code**:
   * Navigate to: [Snyk Code Management](https://app.snyk.io/org/YOUR_USERNAME/manage/snyk-code)
   * Enable **Snyk Code** for static code analysis.
3. **Generate an API Token**:
   * Go to: [Snyk Account Settings](https://app.snyk.io/account/)
   * Create and copy your **Auth Token**.

***

#### **Entering API Keys in ScanSuite**

1. Navigate to **ScanSuite Settings**.
2. Locate the respective fields
3. Enter the keys exactly as provided by the respective platforms.
4. Click **Save** to apply the settings.

<figure><img src="https://4294115650-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FnKyTIO2cfH1PztWRwJEe%2Fuploads%2FcdbNMw2unm3JIlLhui69%2Fimage.png?alt=media&#x26;token=61c5837e-e1d2-46be-9235-7cef25917a82" alt=""><figcaption></figcaption></figure>