Get Started with TotalAI Public APIs
This help is intended to introduce the fundamental architecture for the TotalAI Public API.
Benefits of TotalAI Public APIs
- JSON-Based Request/Response Support: All API endpoints now use standard JSON format for requests and responses, ensuring modern compatibility and ease of integration for client applications.
- QQL-Based Search Capability: The API supports Qualys Query Language (QQL), enabling advanced search and filtering capabilities across TotalAI data sets for precise, efficient querying.
- API Gateway Integration: The Qualys API Gateway serves as the centralized and secure entry point for accessing the TotalAI Public APIs. This ensures consistent authentication, rate limiting, and access control across services.
- Selective Response Field Support: Clients can now customize API responses by specifying which fields they want to receive, improving performance and reducing unnecessary data transfer.
Qualys API Framework
Learn the basics about making API requests. The base URL depends on the platform where your Qualys account is located.
The Qualys TotalAI Public API uses the following framework.
Request URLRequest URL
The URL for making API requests respects the following structure:
https://<baseurl>/<module>/<object>/<object_id>/<operation>
Refer to the following table for the field description.
| Field | Description |
|---|---|
|
|
The Qualys API server URL that you should use for API requests depends on the platform where your account is located. The base URL for Qualys US Platform 1 is: For documentation purposes, we use |
|
|
The API module. For the TotalAI Public API, the module is: TotalAI. |
|
|
The module-specific object. |
|
|
(Optional) The module-specific object ID, if appropriate. |
|
|
The request operation, such as count. |
Qualys API Gateway URL
The Qualys API URL you should use for API requests depends on the Qualys TotalAI Public API platform.
Click here to identify your Qualys platform and get the API URL
This documentation uses the API gateway URL for <qualys_base_url> in sample API requests. If you are on another platform, replace this URL with the appropriate gateway URL for your account.
Introduction to TotalAI Public API Paradigm
Get tips on using the Curl command-line tool to make API requests. Every API request must authenticate using a JSON Web Token (JWT) obtained from the Qualys Authentication API.
AuthenticationAuthentication
To access the TotalAI Public APIs, first get an authentication token from the Qualys API Gateway.
Example Authentication Curl Request:
API Request
curl -k -d "username=<user>&password=<password>" -X POST <qualys_base_url>/auth
API Rate Limits
The Qualys API enforces limits on the API calls a customer can make based on their subscription settings. Default API control settings are provided by the service.
These settings may be customized per subscription by Qualys Support.
API ControlsAPI Controls
API controls are applied per subscription based on your subscription’s service level. Default settings are provided and these may be customized per subscription by Qualys Support.
Concurrency Limit per Subscription (per API): This is the maximum number of concurrent API calls allowed within the subscription for each API (as per service level).
Rate Limit per Subscription (per API): Individual rate and count settings are applied (as per service level).
Rate Limit Count per Subscription (per API): The maximum number of API calls allowed within the subscription during the configured rate limit period.
Rate Limit Period per Subscription (in seconds, per API): The period of time that defines a window when API calls are counted within the subscription for each API.
By default, you get Standard API service.
Service Level API Control
| Service Level | API Control |
|---|---|
| Standard API Service |
|
Get API Notifications
Subscribe to our API Notifications RSS Feeds for announcements and the latest news: API Notifications RSS Feed.