Authentication with valid Qualys PCI user account credentials is required for making PCI API requests to the Qualys API servers. These servers are hosted at the Qualys platform, also referred to as the Security Operations Center (SOC), where your account is located. If you need assistance with obtaining a Qualys account, please contact your Qualys account representative.
The application must authenticate using Qualys PCI account credentials (user name and password) as part of the HTTP request. The credentials are transmitted using the “Basic Authentication Scheme” over HTTPS.
For information, see the “Basic Authentication Scheme” section of RFC #2617:
http://www.faqs.org/rfcs/rfc2617.html
The exact method of implementing authentication will vary according to which programming language is used.
The allowed methods, POST and/or GET, for each API request are documented with each API call in this user guide.
Sample Request - Basic Authentication
curl -H "X-Requested-With: test"
-u "USERNAME:PASSWD"
-X POST -H "content-type: application/json"
-H "apiVersion:V1"
"https://pci-api.qualys.com/pci/scan/2185043/details"