Create Custom Scripts with GitHub URL and Parameter API

For API version information, refer to the API Version History section.

v2.0 | v4.0 | v5.0

v2.0

This API lets you create custom scripts with GitHub and URL.

POST/sm/v2/script

Input ParameterInput Parameter

Parameter Mandatory/Optional Data Type Description
title Mandatory String Use it to provide the name of the script.
description Optional String Use it to provide the script description
categoryId Optional Long Use it to provide the category of script based on categories like general automation, data collection, and backup
platform Mandatory String  Use it to provide the platform like WINDOWS,LINUX,UNIX, and MAC.

severity		 Mandatory  Short Use it to provide the severity 
level that defines the criticality 
of the script. Select a value from 
1 to 5.
threshold Optional Integer Use it to provide the specific 
time that defines how long the 
script must run. You can specify 
the time in seconds, hours and 
minutes
thresholdTimeUnit Optional String Use it to provide the time to 
specify in SECONDS, HOURS, 
MINUTES.
languageId  Mandatory Integer Use it to provide the ID to get the list of valid languages.
gitHubSyncEnabled Optional Boolean Use it to enable the GitHub script to sync with the created script.
gitHubAutoSync Optional Boolean Use it to enable GitHub autosync with the created script
gitHubUser Mandatory  String  Use it to provide a github user that has a github account.
gitHubRepo  Optional   String  Use it to provide the name of the github repository
gitHubBranch   Optional   String Use it to provide the github branch name.
gitHubFilePath   Mandatory  String  Use it to provide a relative github file path for which we want to create as script content.
gitHubToken   Optional  String Use it to provide a github token to access a private github repository. For private repository it is mandatory
scriptApprovalUserCo nsent  Optional Boolean Use it to create a script in an approval state or not
githubInputUrl   Optional  String Use it to provide a complete github file path for which we want to create as script content.

Sample 1: Create Script with URL Sample 1: Create Script with URL

API Request:

curl -X POST '<qualys_base_url>/sm/v2/script' \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data-raw '{
 "title": "<sample-file-name>",
 "description": "Sample Description",
 "categoryId": 2,
 "platform": "WINDOWS",
 "severity": 3,
 "threshold": 300,
 "thresholdTimeUnit": "SECOND",
 "languageId": 4,
 "typeId": 1,
 "githubInputUrl": "<github-file-url>"
}'

Rquest Body:

{
 "title": "{{scriptTitle}}",
 "description": "Sample Description",
 "categoryId": 2,
 "platform": "WINDOWS",
 "severity": 3,
 "threshold": 300,
 "thresholdTimeUnit": "SECOND",
 "languageId": 4,
 "typeId": 1,
 "githubInputUrl": "https://github.com/ruanyf/simple-bashscripts/blob/master/scripts/hello-world.sh"
}

Response:

{
 "errorCode":"0",
 "message":"Script created successfully",
 "body":{
 "id":61179
}
}

Sample 2: Create Scripts with GitHub ParametersSample 2: Create Scripts with GitHub Parameters

API Request:

curl -X POST '<qualys_base_url>/sm/v2/script' \
--header 'Authorization: Bearer <authToken>' \
--header 'Content-Type: application/json' \
--data-raw '{
     "title":"{{scriptTitle}}",
     "description":"Sample Description",
     "categoryId":2,
     "platform":"WINDOWS",
     "severity":3,
     "threshold":300,
     "thresholdTimeUnit":"SECOND",
     "languageId":201,
     "gitHubUser":"Qualys",
     "gitHubRepo":"community",
     "gitHubBranch":"",
     "gitHubFilePath":"assetcount/README.md"
}'

Request Body:

{
 "title":"{{scriptTitle}}",
 "description":"Sample Description",
 "categoryId":2,
 "platform":"WINDOWS",
 "severity":3,
 "threshold":300,
 "thresholdTimeUnit":"SECOND",
 "languageId":201,
 "gitHubUser":"Qualys",
 "gitHubRepo":"community",
 "gitHubBranch":"",
 "gitHubFilePath":"assetcount/README.md"
}

Response:

{
 "errorCode":"0",
 "message":"Script created successfully",
 "body":{
 "id":61180
 }
}

Sample 3: Create Scripts with GitHub Parameters Using Private RepositorySample 3: Create Scripts with GitHub Parameters Using Private Repository

API Request

"curl -X POST""<qualys_base_url>/sm/v2/script""
--header""Authorization: Bearer <authToken>""
--header""Content-Type: application/json""
--data-raw""{
 "title": "<sample-file-name>",
 "description": "Sample Description",
 "categoryId": 2,
 "platform": "LINUX",
 "severity": 3,
 "threshold": 300,
 "thresholdTimeUnit": "SECOND",
 "languageId": 6,
 "gitHubUser": "<private-github-username>",
 "gitHubRepo": "<private-github-repository-name>",
 "gitHubBranch": "<private-github-branch>",
 "gitHubFilePath": "<private-github-filepath>",
 "gitHubToken" : "<private-github-token>"
}"

Request Body

{
    "title":"{{scriptTitle}}",
    "description":"Sample Description",
    "categoryId":2,
    "platform":"LINUX",
    "severity":3,
    "threshold":300,
    "thresholdTimeUnit":"SECOND",
    "languageId":6,
    "gitHubUser":"smqa123",
    "gitHubRepo":"SM_QA_PRIVATE",
    "gitHubBranch":"main",
    "gitHubFilePath":"Blacklisted",
    "gitHubToken":"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"
}

Response:

{
    "errorCode":"0",
    "message":"Script created successfully",
    "body":{
        "id":61186
    }
}

Sample 4:Create Script by with GitHub URLs Using Private RepositorySample 4:Create Script by with GitHub URLs Using Private Repository

API Request:

"curl --location --request POST"<qualys_base_url>/sm/v2/script"\\
-H""Authorization: Bearer <JWT Token>""--header""Content-Type: 
application/json""\\
--data-raw""{
\"title\": \"giturl_private_api_201446\",
\"description\": \"Sample Description\",
\"categoryId\": 2,
\"platform\": \"WINDOWS\",
\"severity\": 3,
\"threshold\": 300,
\"thresholdTimeUnit\": \"SECOND\",
\"languageId\": 4,
\"typeId\": 1,
\"gitHubToken\" : \"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\",
\"githubInputUrl\": 
\"https://github.com/smqa123/SM_QA_PRIVATE/blob/main/Blacklisted\"
}

Request Body:

{
 "title":"{{scriptTitle}}",
 "description":"Sample Description",
 "categoryId":2,
 "platform":"WINDOWS",
 "severity":3,
 "threshold":300,
 "thresholdTimeUnit":"SECOND",
 "languageId":4,
"typeId":1,
 "gitHubToken":"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",
 
"githubInputUrl":"https://github.com/smqa123/SM_QA_PRIVATE/blob/main/Blac
klisted"
}

Response:

{
 "errorCode":"0",
 "message":"Script created successfully",
 "body":{
 "id":61403
 }
}

To know the details of the response codes, refer to Appendix.

v4.0

POST/sm/v4/script

Input ParametersInput Parameters

Parameter Mandatory/Optional Data Type Description
title Mandatory String Use it to provide the name of the script.
description Optional String Use it to provide the script description
categoryId Optional Long Use it to provide the category of script based on categories like general automation, data collection, and backup
platform Mandatory String  Use it to provide the platform like WINDOWS,LINUX,UNIX, and MAC.
severity

Mandatory

  Short Use it to provide the severity 
level that defines the criticality 
of the script. Select a value from 
1 to 5.
threshold Optional Integer Use it to provide the specific 
time that defines how long the 
script must run. You can specify 
the time in seconds.
languageId  Mandatory Integer Use it to provide the ID to get the list of valid languages.
gitHubSyncEnabled Optional Boolean Use it to enable the GitHub script to sync with the created script.
gitHubAutoSync Optional Boolean Use it to enable GitHub autosync with the created script
gitHubUser Mandatory  String  Use it to provide a github user that has a github account.
gitHubRepo  Optional   String  Use it to provide the name of the github repository
gitHubBranch   Optional   String Use it to provide the github branch name.
gitHubFilePath   Mandatory  String  Use it to provide a relative github file path for which we want to create as script content.
gitHubToken   Optional  String Use it to provide a github token to access a private github repository. For private repository it is mandatory
scriptApprovalUserCo nsent  Optional Boolean Use it to create a script in an approval state or not
githubInputUrl   Optional  String Use it to provide a complete github file path for which we want to create as script content.

Sample: Create Scripts with GitHub ParametersSample: Create Scripts with GitHub Parameters

API Request

curl -X POST '<qualys_base_url>/sm/v4/script'  
--header 'Authorization: Bearer <authToken>' 
--header 'Content-Type: application json' 
--data-raw '
{
     "title":"{{scriptTitle}}",
     "description":"Sample Description",
     "categoryId":2,
     "platform":"WINDOWS",
     "severity":3,
     "threshold":300,
     "thresholdTimeUnit":"SECOND",
     "languageId":201,
     "gitHubUser":"Qualys",
     "gitHubRepo":"community",
     "gitHubBranch":"",
     "gitHubFilePath":"assetcount/README.md"
}'  

Response:

{
     "errorCode":"0",
     "message":"Script created successfully",
     "body":{
         "id":61180
     }
}

v5.0

POST/sm/v5/script

Input ParametersInput Parameters

Parameter Mandatory/Optional Data Type Description
title Mandatory String Use it to provide the name of the script.
description Optional String Use it to provide the script description
categoryId Optional Long Use it to provide the category of script based on categories like general automation, data collection, and backup
platform Mandatory String  Use it to provide the platform like WINDOWS,LINUX,UNIX, and MAC.
severity

Mandatory

  Short Use it to provide the severity 
level that defines the criticality 
of the script. Select a value from 
1 to 5.
threshold Optional Integer Use it to provide the specific 
time that defines how long the 
script must run. You can specify 
the time in seconds.
languageId  Mandatory Integer Use it to provide the ID to get the list of valid languages.
gitHubSyncEnabled Optional Boolean Use it to enable the GitHub script to sync with the created script.
gitHubAutoSync Optional Boolean Use it to enable GitHub autosync with the created script
gitHubUser Mandatory  String  Use it to provide a github user that has a github account.
gitHubRepo  Optional   String  Use it to provide the name of the github repository
gitHubBranch   Optional   String Use it to provide the github branch name.
gitHubFilePath   Mandatory  String  Use it to provide a relative github file path for which we want to create as script content.
gitHubToken   Optional  String Use it to provide a github token to access a private github repository. For private repository it is mandatory
scriptApprovalUserCo nsent  Optional Boolean Use it to create a script in an approval state or not
githubInputUrl   Optional  String Use it to provide a complete github file path for which we want to create as script content.

hasParameters

Optional

(This is mandatory only if you want to define the params.key and params.value parameter.)

Boolean

Provide this value as true if you want to define the script parameters.

Default value is false.

Note: This parameter is only applicable when you want to create a parameterized script.

params.key

Mandatory

(This is mandatory when the hasParameters value is true.)

String

Provide the Base64 encoded string value.

params.value

Mandatory

(This is mandatory when the hasParameters value is true.)

String

Provide the Base64 encoded string value.

Sample: Create script with GitHubSample: Create script with GitHub

API Request

curl -X POST 
'<qualys_base_url>/sm/v5/script'
--header 'Accept: application/vnd.qualys.car.api.v5.0+json'
--header 'Authorization: Bearer <authToken>'
--header 'Content-Type: application/json'
--data-raw 
{
    "categoryId": 605,
    "githubInputUrl": "<sample github url>",
    "gitHubToken": "<sample github token of private repo>",
    "gitHubUser": "<sample username>",
    "gitHubRepo": "<sample repo name>",
    "gitHubBranch": "<sample branch name>",
    "gitHubFilePath": "<sample github file path>",
    "description": "sample description",
    "platform": "WINDOWS",
    "severity": "3",
    "threshold":300,
    "title": "Sample title",
    "typeId": 2,
    "languageId": 1,
    "scriptApprovalUserConsent": true,
    "hasParameters": true,
    "customQid": {
        "qid": "",
        "type": "Detection QID",
        "severity": "4",
        "qds": "75",
        "vulnerabilityType": "Potential",
        "cveIds": "CVE-2023-3452",
        "detectionLogic": "Use Script",
        "returnCodeStatusMap": [
            {
                "returnCode": "1",
                "status": "Not-Detected"
            },
            {
                "returnCode": "5",
                "status": "Detected"
            }
        ]
    },
     "params": [
        {
            "key": "string",
            "value": "string"
        }
    ]
}

Response:

{
    "errorCode": "0",
    "message": "Script created successfully",
    "body": {
        "id": 100504
    }
}

API Version History

The following table depicts the information about the different versions of this API along with the status:

API Version API Status Release Date
/sm/v5/script Active Feb 2025
/sm/v4/script To be deprecated June 2025
/sm/v2/script To be deprecated Feb 2025

©2025 Qualys, Inc. All rights reserved. Privacy Policy.