SaaS Detection and Response Release 1.14.0 API
March 06, 2026
New APIs for Customizing Controls
With this release, you can now customize system‑defined controls using a new set of public APIs. This feature allows you to modify specific parameters in an existing control to better align with your organization’s policy requirements. You can view the list of controls, get the details of a specific control, change selected values, and then create or update a customized version. After you create or update a control, it is displayed in the Policy tab, Controls section, and you can view its evaluation status on the Monitor page. This update gives you more flexibility to adjust control behavior without creating new control types from scratch.
To customize the Controls, you can use the following APIs:
- POST – Create Custom Control
- PUT – Update Custom Control
- GET – Get Custom Control by ID
- GET – List Custom Controls
New API: Create Custom Control
|
New or Updated API |
New |
|
API Endpoint |
/sdr/api/custom/controls/create |
|
Method |
POST |
|
DTD or XSD Changes |
NA |
Use this API to create a new custom control by modifying the required parameters from an existing control.
Input Parameters Input Parameters
|
Parameter |
Required/ |
Data Type |
Description |
|---|---|---|---|
|
policyId |
Required |
string |
Provide PolicyId for which control is created |
Sample - Create Custom ControlSample - Create Custom Control
API Request
curl --location --request GET '<qualys_base_url>/sdr/api/custom/controls/create?policyId=1xxx' \ --header 'Content-Type: application/json' \
Request Body
--data-raw '[{
"cid": "xxxxx",
"name": "Ensure that '\''Max PIN attempts'\'' setting is configured in '\''1 to 6'\'' range for the iOS device app protection policy",
"criticality": "High",
"criticalityNo": 3,
"description": "This setting in an iOS device app protection policy specifies the maximum number of times a user can attempt to enter their PIN to access a protected app before the app is locked and requires administrative intervention to unlock.",
"connectorType": "OFFICE365",
"entityType": "IOS Managed App Protection Policy",
"entityIdParam": "displayName",
"predicate": "$.[?(@.maximumPinRetries >= 1 && @.maximumPinRetries <= 6)]",
"scope": "API",
"xpath": "$.value"
}]'
Response
"Controls Created Successfully":[ Xxxxx1 ]
New API: Update Custom Control
|
New or Updated API |
New |
|
API Endpoint |
/sdr/api/custom/controls/update/{cID} |
|
Method |
PUT |
|
DTD or XSD Changes |
NA |
Use this API to update a custom control by modifying the required parameters from an existing control.
Input ParametersInput Parameters
Pass the custom control ID in the API request.
Sample - Update Custom ControlSample - Update Custom Control
API Request
curl --location '<qualys_base_url>/sdr/api/custom/controls/update/{cID}'
--header 'Content-Type: application/json' \
Request Body
--data-raw '{
"name": "Ensure that '\''Max PIN attempts'\'' setting is configured in '\''1 to 7'\'' range for the iOS device app protection policy",
"criticality": "High",
"criticalityNo": 3,
"description": "This setting in an iOS device app protection policy specifies the maximum number of times a user can attempt to enter their PIN to access a protected app before the app is locked and requires administrative intervention to unlock.",
"connectorType": "OFFICE365",
"entityType": "IOS Managed App Protection Policy",
"entityIdParam": "displayName",
"predicate": "$.[?(@.maximumPinRetries >= 1 && @.maximumPinRetries <= 7)]",
"scope": "API",
"xpath": "$.value"
}'
Response
"Control Updated Successfully for cID":xxxxx1
New API: Get Details of Specified Control
|
New or Updated API |
New |
|
API Endpoint |
/sdr/api/custom/controls/get/{cID} |
|
Method |
GET |
|
DTD or XSD Changes |
NA |
Use this API to get details of the specified control using the Control ID.
Input ParametersInput Parameters
Pass the custom control ID in the API request.
Sample - Get Details of Specified ControlSample - Get Details of Specified Control
API Request
curl --location '<qualys_base_url>/sdr/api/custom/controls/get/{cId}'
--header 'Content-Type: application/json' \
Response
{
"cid": "xxxxx",
"name": "Ensure that 'Max PIN attempts' setting is configured in '1 to 6' range for the iOS device app protection policy",
"criticality": "Low",
"criticalityNo": 3,
"description": "This setting in an iOS device app protection policy specifies the maximum number of times a user can attempt to enter their PIN to access a protected app before the app is locked and requires administrative intervention to unlock.",
"connectorType": "OFFICE365",
"entityType": "IOS Managed App Protection Policy",
"entityIdParam": "displayName",
"predicate": "$.[?(@.maximumPinRetries >= 1 && @.maximumPinRetries <= 6)]",
"evidences": [
{
"evidenceKey": "Max PIN attempts",
"evidenceSuccess": "$.maximumPinRetries",
"evidenceFail": "$.maximumPinRetries"
}
],
"scope": "API",
"xpath": "$.value"
}
New API: Get Controls List
|
New or Updated API |
New |
|
API Endpoint |
/sdr/api/controls/list |
|
Method |
GET |
|
DTD or XSD Changes |
NA |
Use this API to get the list of controls.
Input ParametersInput Parameters
|
Parameter |
Required/ |
Data Type |
Description |
|---|---|---|---|
|
isCustom |
Optional |
string |
Provide the parameter to filter controls based on whether they are custom or system-defined. |
|
policyName |
Optional |
string |
Provide the policy name to filter controls associated with a specific policy. |
|
connectorType |
Optional |
string |
Provide the connector type to filter controls associated with a specific connector (for example, OFFICE365). |
|
page |
Optional |
string |
Provide the page number to retrieve controls from a specific page. |
|
size |
Optional |
string |
Provide the page size to control the number of controls returned per page. |
Sample - Create Customized ReportSample - Create Customized Report
API Request
curl --location '<qualys_base_url>/sdr/api/controls/list'
Response
{
"name": "Ensure automatic mail forwarding is not allowed through Outlook",
"description": "This setting prevents users from auto-forwarding mail through Outlook and Outlook on the Web.",
"cid": "70109"
}