Differently from other platforms, CWS (Cloud Web Security) won't require the administrator to install/load the keys. Once the customer/partner buys the license, there is a process to provision the environment. Usually, the environment is provisioned before that process, during the POV (Proof of Value) phase. If you customer (or you) didn't run a POV and you are buying the product without the POV, you will need to get the environment provisioned, receive the information on how to access the CWS portal, create configurations and run some tests. After that, the environment is good to go, meaning, no need to get licenses/keys.
The ordering guide can be found here (Cisco ScanSafe Web Security - Cisco)
Hope that helps.