Some Patch Management features are available through REST APIs. To use the Patch Management APIs from the command line, you must authenticate to the Qualys Cloud Platform using Qualys account credentials (user name and password) and get the JSON Web Token (JWT) before you can start using the Patch APIs.
Use the Qualys Authentication API to get the JWT. Access support information at www.qualys.com/support.
Example Authentication Curl Request:
API Request
curl -X POST
"https://<QualysBaseURL>/auth" -H "Content-Type: application/x-www-form-urlencoded" -d "username=value1&password=value2&token=true&permissions=true"
The following table explains the various components of this request:
| QualysBaseURL |
It is the base URL for the Qualys API server where your account is located. The base URL for Qualys US Platform 1 is: https:///gateway.qg1.apps.qualys.com |
| value1 and value2 |
value1 is the username and value 2 is the password of the user account for which you want to fetch Asset Management data. |
| token |
It must be true. |
| permissions |
It must be true. |
| Content-Type |
It must be application/x-www-form-urlencoded. |
The Authentication API returns a JSON Web Token (JWT), which you can use for authentication during Patch API calls. The token expires in 4 hours. You must regenerate the token to continue using the Patch APIs.
To make calls using the Patch APIs, you must have the PM.API.ACCESS permission.