Authorization
Virustotal
Prerequisites
Before creating a VirusTotal credential, you need to obtain your Personal API Key from your VirusTotal account. VirusTotal uses API key authentication for all API requests, with the key sent in the x-apikey header.
To obtain your VirusTotal Personal API Key, follow these steps:
-
Sign in to your VirusTotal account using your administrator credentials.
-
Navigate to your account settings by clicking on your profile icon in the top right corner of the VirusTotal dashboard, then select My API Key or API Settings.
-
In your account settings, navigate to the API Key section or Personal API Key tab.
-
If you don't have a personal API key yet, click Generate API Key or Create API Key to create a new personal API key.
-
Configure your API key settings:
- Enter a name for the API key (e.g., "Nexla Integration")
- Review the API key permissions or scopes (if applicable)
- Click Create or Generate to create the API key
-
After the API key is created, copy the Personal API Key value immediately, as it may not be accessible again after you navigate away from the page.
-
Store the API key securely, as you will need it to configure your Nexla credential. The Personal API Key is sensitive information and should be kept confidential.
The Personal API Key is sent in the x-apikey header for all API requests to the VirusTotal API. The key authenticates your requests and grants access to VirusTotal resources based on your account permissions. If your API key is compromised, you should immediately revoke it in your VirusTotal account settings and generate a new one. For detailed information about obtaining personal API keys, API authentication, and available endpoints, refer to the VirusTotal API documentation.
Create a VirusTotal Credential
- To create a new VirusTotal credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
New Credential Overlay – VirusTotal
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
API Key Authentication
VirusTotal uses API key authentication for all API requests. The Personal API Key is sent in the x-apikey header.
-
Enter your API Key in the API Key field. This is the VirusTotal Personal API key. Your API key can be found in your VirusTotal account user menu. The API key is sent in the x-apikey header for all API requests to the VirusTotal API. The API key is sensitive information and must be kept confidential.
Your VirusTotal Personal API key can be found in your VirusTotal account user menu under My API Key or API Settings. The API key is sent in the x-apikey header for all API requests to the VirusTotal API.
If your API key is compromised, you should immediately revoke it in your VirusTotal account settings and generate a new one. The Personal API Key provides access to your VirusTotal account data and should be treated as sensitive information. Keep your API key secure and do not share it publicly.
For detailed information about obtaining personal API keys, API authentication, and available endpoints, see the VirusTotal API documentation and VirusTotal API overview.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.