Tracking API Usage per User
You can track API usage per user without the need to provide user credentials such as the username and password. Contact Qualys Support to get the X-Powered-By HTTP header enabled. Once enabled, the X-Powered-By HTTP header is returned for each API request made by a user. The X-Powered-By value includes a unique ID generated for each subscription and a unique ID generated for each user.
Sample - Tracking API usage through the X-Powered-By HTTP headerSample - Tracking API usage through the X-Powered-By HTTP header
API request
...
229HTTP/1.1 200 OK
X-Powered-By: Qualys:QAPOD4SJC:f972e2cc-69d6-7ebd-80e6-
7b9a931475d8:06198167-43f3-7591-802a-1c400a0e81b1
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Mon, 04 Dec 2017 05:36:29 GMT
Server: Apache
LBDEBUG:NS=10.44.1.12,SERVER=10.44.77.81:50205,CSW=cs-p04-qualysapi
443,VSERVER=vs-p04-papi-80,ACTIVE-SERVICES=2,HEALTH=100
...
Once X-Powered-By HTTP header is enabled, information is returned in the following format:
X-Powered-By Qualys:<POD_ID>:<SUB_UUID>:<USER_UUID>
where,
POD_ID is the shared POD or a PCP. Shared POD is USPOD1, USPOD2, etc.
SUB_UUID is the unique ID generated for the subscription
USER_UUID is the unique ID generated for the user
For example:
X-Powered-By: Qualys:QAPOD4SJC:f972e2cc-69d6-7ebd-80e6-7b9a931475d8:06198167-43f3-7591-802a-1c400a0e81b1
You can use the USER_UUID to track API usage per user.