It is my understanding that it is possible to use an API key, stored in a (reasonably well protected) local file, to access a CyberArk account programmatically. (The goal here is to avoid storing passwords in a configuration file, for example, and having to update such configuration when the password changes, which happens regularly.)
I am familiar with the API key concept, and have used it for many other online services. In those other cases, it was always straightforward to find instructions on how to obtain an API key. I am having no such luck for CyberArk.
Can someone please point me to instructions for obtaining a CyberArk API key?
In general, all official documentation can be found at docs.cyberark.com. You are looking for [Core Privileged Access Security] - [Developer] part. In [Authentication] you find the REST API calls for the different authentication types. If I understand your question correctly, you want to receive an authentication string which may be stored in a file for future API calls. Unfortunatelly, this is not possible as of now. There is an enhancement request for it, but I would not expect this option to be implemented any time soon - if ever.
What is available are several authentication methods which return an authentication string with a maximum valid period of 60 minutes if you use it permanently. If the token is not used for a certain period, around 10-15 minutes, the token also invalidates.