Create an EASM Profile

This API helps you create EASM profiles.

[POST] /easm/v2/profile

Input ParametersInput Parameters

Parameter	Mandatory /Optional	Data Type	Description
name	Mandatory	String	Provide the profile name in the API request body
defaultProfile	Optional	Boolean	Provide the value as true in API request body if you want to save the EASM profile as a default one.
excludeCDNAssets	Optional	String	Provide the value as 'true' if you want to view the CDN assets for EASM LighweightScan. Otherwise, provide the value 'false'. The default value is 'true'. The excludeCDNAssets parameter is supported only if the enableEASMSCAN parameter is set to true.
defaultPurgeRule Frequency	Optional	Numerical	Provide the value within the 0-10 range. The default value is 3. Example: If you provide the value 3, and the asset is not discovered through 3 EASM discoveries, it will be deleted from the CSAM account.
excludeDefamatory Domain	Optional	String	Provide the value as 'false' if you want to view the defamatory domains. The default value is 'true'. The excludeDefamatoryDomain parameter is supported only if the enableTyposquattedDomainGeneration parameter is set to 'true'.
enableTyposquatted DomainGeneration	Optional	String	Provide the value as 'true' if you want to generate and view the typosquatted domains for the respective domain and organization seed values. The default value is 'false'.
enableDomainSecurity	Optional	Boolean	Provide the value as true or false to enable or disable the Domain Security feature for an EASM profile.
easmScanAssetsScoping	Optional	Object	Define the scope to include or exclude assets from an EASM scan based on asset tags.
includeType	Optional	String	Provide the condition for including assets in the EASM scan. Accepted values: ANY: Includes assets that have at least one of the specified tags. ALL: Includes assets that have all of the specified tags.
includeTagIds	Optional	Integer	Provide the list of asset tag IDs to include in the EASM scan.
excludeType	Optional	String	Provide the condition for excluding assets from the EASM scan. Accepted values: ANY: Includes assets that have at least one of the specified tags. ALL: Includes assets that have all of the specified tags.
excludeTagIds	Optional	Integer	Provide the list of asset tag IDs to exclude from the EASM scan.

Sample - Create an EASM ProfileSample - Create an EASM Profile

API Request

curl -X POST 
'<qualys_base_url>/easm/v2/profile'
  --header 'Content-Type: application/json'
  --header 'Authorization: Bearer <JWT_Token>'
  --data '{
    "name": "newProfile",
    "includeSeeds": [
      {
        "seedType": "DOMAIN",
        "seedValue": "qualyss.com",
        "enumerateSubsidiary": false,
        "horizontalEnumeration": false,
        "seedFilters": [],
        "verticalEnumeration": false,
        "seedFileName": null
      }
    ],
    "excludeSeeds": [],
    "enableIFAScan": false,
    "active": true,
    "enableEASMScan": false,
    "includeVMAssets": false,
    "excludeCDNAssets": true,
    "defaultPurgeRuleFrequency": 3,
    "excludeDefamatoryDomain": true,
    "enableTyposquattedDomainGeneration": false,
    "enableDomainSecurity": true,
    "easmScanAssetsScoping": {
      "includeType": "ANY",
      "includeTagIds": [
        51604974
      ],
      "excludeType": "ANY",
      "excludeTagIds": [
        49218939
      ]
    }
  }'

Response

{
 "code": "201",
 "status": "SAVED",
 "date": "2024-01-15 10:08:53",
 "message": "Profile Created Successfully: "
}

Important to Know!

You can't create a duplicate profile, that is a profile with the same configurations as the existing profile.

The following response is shown if you attempt to do that:

Status Code=400Bad Request

{

 "date": "2024-07-04 11:40:51",

 "message": "Duplicate profile configurations are not allowed.

The same configuration exists with the existing profile FirstProfile.",

 "details": [

 "Duplicate profile configurations are not allowed. The same

configuration exists with the existing profile FirstProfile."

 ]

}

Sample with enableEASMScan and includeVMAssets Fields

See the following prerequisites before you go through the subsequent sample.

EASM scan must be enabled for your subscription from the back office so that you can set the EASM scan to true for an EASM profile.
You can't set the includeVMAssets value to true unless you set the enableEASMScan value to true.

Field	Value	Details
enableEASMScan	true	Indicates that you enabled the EASM scan for the EASM profile.
enableEASMScan	false	Indicates that you didn't enable the EASM scan for the EASM profile.
includeVMAssets	true	Indicates that you choose to include all EASM assets in the EASM scan.
includeVMAssets	false	Indicates that you choose to include unmanaged EASM assets in the EASM scan.

Sample - Create an EASM Profile
(with enableEASMScan and includeVMAssets Fields)Sample - Create an EASM Profile
(with enableEASMScan and includeVMAssets Fields)

API Request

curl --location --request POST '<qualys_base_url>/easm/v2/profile' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <Auth Token>' \
--data '
{
 "name":"NewProfile1",
 "defaultProfile":false,
 "includeSeeds": [
 {
 "seedType": "DOMAIN",
 "seedValue": "qualys.com",
 "seedHeading": null,
 "enumerateSubsidiary": "true",
 "horizontalEnumeration": "true",
 "verticalEnumeration": "true",
 "seedFilters": []
 }
 ],
 "excludeSeeds": [],
 "enableIFAScan": false,
 "enableEASMScan": true,
 "includeVMAssets": true
}'

Response

{
 "code": "201",
 "status": "SAVED",
 "date": 2024-04-21 11:35:12,
 "message": "Profile Created Successfully."
}

Sample - Create an EASM Profile
(with excludeCDNAAssets, defaultPurgeRule Frequency, excludeDefamatory Domain, enableTyposquattedDomainGeneration Fields)Sample - Create an EASM Profile
(with excludeCDNAAssets, defaultPurgeRule Frequency, excludeDefamatory Domain, enableTyposquattedDomainGeneration Fields)

API Request

curl -X POST
'<qualys_base_url>/easm/v2/profile'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer <JWT_Token>'
--data '{
  "name": "newProfile",
  "includeSeeds": [
    {
      "seedType": "DOMAIN",
      "seedValue": "qualyss.com",
      "enumerateSubsidiary": false,
      "horizontalEnumeration": false,
      "seedFilters": [],
      "verticalEnumeration": false,
      "seedFileName": null
    }
  ],
  "excludeSeeds": [],
  "enableIFAScan": false,
  "active": true,
  "enableEASMScan": false,
  "includeVMAssets": false,
  "excludeCDNAssets": true,
  "defaultPurgeRuleFrequency": 3,
  "excludeDefamatoryDomain": true,
  "enableTyposquattedDomainGeneration": false,
  "enableDomainSecurity": true
}'

Response

{
 "code": "201",
 "status": "SAVED",
 "date": 2024-04-21 11:35:12,
 "message": "Profile Created Successfully."
}

Last updated: February, 2026

Create an EASM Profile

Input ParametersInput Parameters

Sample - Create an EASM ProfileSample - Create an EASM Profile

Important to Know!

Sample with enableEASMScan and includeVMAssets Fields

Sample - Create an EASM Profile (with enableEASMScan and includeVMAssets Fields)Sample - Create an EASM Profile (with enableEASMScan and includeVMAssets Fields)

Sample - Create an EASM Profile
(with enableEASMScan and includeVMAssets Fields)Sample - Create an EASM Profile
(with enableEASMScan and includeVMAssets Fields)