Generate Authentication Token
Perform the following steps to generate an Authentication Token using the Client ID and Secret Key generated for the user-level and subscription-level clients. The steps to generate the JWT token for both clients are the same.
- Execute the Qualys authentication API (/auth/oauth or /auth/oidc).
- Provide the Client ID and Client Secret Key for the user-level or subscription-level client in the API request.
- The JWT token for the associated user and subscription is generated. Store this JWT token at a safe place. The newly generated JWT token is valid for the next four hours.
You can use the existing Client ID and Client Secret Key to generate new JWT tokens.
Use the following API Endpoints to generate the JWT Token for API Authentication:
Generate Token for Subscription Level Client
Use this API endpoint to generate an authentication token using Client ID and Client Secret Key for a subscription-level client.
Permissions Required: Need UI and API Access Permissions.
Input ParametersInput Parameters
You must provide the following input parameters in the API Request header to generate an authentication token.
| Input Parameters | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| clientSecret |
Mandatory | String | Provide the client secret key generated while creating the user-level or subscription-level client. |
| clientId |
Mandatory | String | Provide the Client ID for the user-level or subscription-level client for whom you want to generate the JWT Token. |
| encrypted {} |
Optional | String | Provide the encryption details for JWT Token. The encrypted JWT Tokens improve the security. For example, RSA512. Syntax: data-urlencode=encrypted RSA512 |
Sample: Generate an Authentication Token for Subscription Level ClientSample: Generate an Authentication Token for Subscription Level Client
This API illustrates generating an authentication token to access Qualys APIs using the Client ID and Client Secret Key. Provide the Client ID and Client Secret Key in the API request to fetch the authentication token.
API RequestCode
curl -X POST '<qualys_base_url>/auth/oauth'
--header 'clientSecret: wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
--header 'clientId: 123e4567-e89b-12d3-a456-426614174000'
--data-raw ''
API Response
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiJjbGllbnQxMjM0NTYiLCJzYwZXM
iOlsiYXBpLnJlYWQiLCJhcGkud3JpdGUiXSwi
aXNzIjoiaHR0cHM6Ly9kdW1teS1hdXRoLmNvb
SIsImV4cCI6MTcwMDAwMDAwMH0.SdXn3I6yTb-
JNk9LPjR8W9xAtH7dN3Mqf3HdJ5WnRfE
Generate Token for User Level Client
Use this API endpoint to generate an authentication token using Client ID and Client Secret Key for a user-level client.
Permissions Required: Need UI and API Access Permissions.
Sample: Generate an Authentication Token for User Level ClientSample: Generate an Authentication Token for User Level Client
This API illustrates generating an Authentication Token to access Qualys APIs using the Client ID and Client Secret Key. Provide the Client ID and Client Secret Key in the API request to fetch the JWT token.
API Request
curl -X POST '<qualys_base_url>/auth/oidc'
--header 'clientSecret: wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
--header 'clientId: 123e4567-e89b-12d3-a456-426614174000'
--data-raw ''
API Response
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiJjbGllbnQxMjM0NTYiLCJzYwZXM
iOlsiYXBpLnJlYWQiLCJhcGkud3JpdGUiXSwi
aXNzIjoiaHR0cHM6Ly9kdW1teS1hdXRoLmNvb
SIsImV4cCI6MTcwMDAwMDAwMH0.SdXn3I6yTb-
JNk9LPjR8W9xAtH7dN3Mqf3HdJ5WnRfE
Once the authentication token is generated, you can use it to authenticate your API requests. Include the token in the Authorization header of API requests.
The system validates the authentication token and authorizes the request based on the user's permissions.
Refer to the Examples to learn more about using authentication tokens for accessing APIs.