TotalCloud Release 2.16 API
May 02, 2025
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
What's New?
AWS Resource Details with Secrets
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS |
| Method | GET |
| DTD or XSD changes | Not Applicable |
With this release, the API to list AWS EC2 instances and now includes secretStats and hasSecrets fields. These additions help identify instances with exposed secrets and their severity distribution.
Input ParametersInput Parameters
| Parameter Name | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
pageNo |
Optional | Integer | Page number for pagination (default is 0) |
pageSize |
Optional | Integer | Number of results per page (default is 100) |
updated |
Optional | String | Filter instances updated within a specific time range |
filter |
Optional | String | Filter based on specific instance attributes like resource.id |
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS?filter=resource.id%3Ai-xxxxxxxxxxxxxxxxx&pageNo=0&pageSize=10&updated=%5Bnow-30d..now%5D' \ -H 'accept: */*' \ -H 'Authorization: Basic '
API Response
{
"content": [
{
"resourceId": "i-xxxxxxxxxxxxxxxxx",
"name": "test-secrets",
"hasSecrets": true,
"secretStats": {
"severity": {
"CRITICAL": 6,
"HIGH": 7,
"MEDIUM": 21,
"LOW": 16
},
"totalSecrets": 50
},
...
}
],
...
}
Instance Details with Secrets
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/<uuid>/AWS |
| Method | GET |
| DTD or XSD changes | Not Applicable |
With this release, The API to retrieve detailed information about an AWS EC2 instance is now enhanced to include a secrets array containing the list of detected secrets with associated metadata.
Input ParametersInput Parameters
| Parameter Name | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
uuid |
Mandatory | String | Unique identifier of the EC2 instance |
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/AWS' \ -H 'accept: */*' \ -H 'Authorization: Basic <auth token>'
API Response
{
"content": [
{
"subnetId": "subnet-0xxxxxxxxxxxxxxxx",
"resourceId": "i-0xxxxxxxxxxxxxxxx",
"arsScore": 165,
"uuid": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"availabilityZone": "us-east-1b",
"remediationEnabled": null,
"lastUpdated": "2025-04-20T07:56:44+0000",
"instanceState": "running",
"networkInterfaceAddresses": [
{
"networkInterfaceId": "eni-xxxxxxxxxxxxxxxxxx",
"subnetId": "subnet-0xxxxxxxxxxxxxxxx",
"ipv6Ip": [],
"secondaryPrivateIp": [],
"description": "",
"groups": [
{
"groupName": "launch-wizard-3",
"groupId": "sg-0xxxxxxxxxxxxxxxx"
}
],
"privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
"publicIp": "xx.xx.xx.xx",
"privateIpAddress": "xxx-xx-xx-xxx"
}
],
"cloudType": "AWS",
"isSnapshotScanEnabled": true,
"events": null,
"iamInstanceProfileRoleDetails": null,
"connectorUuids": [
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
],
"imageId": "ami-0xxxxxxxxxxxxxxxx",
"created": "2025-03-26T06:58:03.219+00:00",
"cloudAccountId": "xxxxxxxxxxx",
"ipAddress": null,
"publicDnsName": "ec2-50-17-16-28.compute-1.amazonaws.com",
"secrets": null,
"privateIpAddress": "xxx-xx-xx-xxx",
"tags": [
{
"value": "instancenew",
"key": "Name"
},
{
"value": "true",
"key": "QUALYS_SNAPSHOT_ENABLED"
}
],
"launchTime": "2025-03-19T09:52:17+0000",
"classifications": null,
"name": "instancenew",
"secondaryPrivateIpAddress": null,
"region": "us-east-1",
"accountAlias": null,
"controlsFailed": 4,
"createdOn": "2025-03-26T06:58:03+0000",
"secretStats": {
"severity": {
"HIGH": 86,
"MEDIUM": 37,
"LOW": 22,
"CRITICAL": 23
},
"totalSecrets": 168
},
"instanceId": "i-xxxxxxxxxxxxxxxx",
"vulnerabilityStats": {
"severity": {
"3": 1,
"4": 9
},
"typeDetected": {
"Confirmed": 10,
"Information": 5
},
"totalVulnerability": 15
},
"vpcId": "vpc-xxxxxxxxxxxxxxxx",
"hasSecrets": true,
"publicIpAddress": "50.17.16.28",
"instanceType": "t2.micro",
"additionalDetails": null,
"connectorUuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"instanceStatus": null,
"iamInstanceProfile": null,
"spotInstanceRequestId": null,
"elasticIpAddress": null,
"sev3Sev4Sev5VulnCount": 0,
"qualysTags": [],
"vulnerabilities": null,
"securityGroups": [
{
"groupName": "launch-wizard-3",
"groupId": "sg-06c97140dd933163b"
}
],
"privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
"criticalityScore": 0,
"resourceType": "EC2_INSTANCE"
}
Get Cloud Resources with Vulnerability Statistics
| New or Updated API | Updated |
| API Endpoint | /cloudview-ap/rest/v1/resource/{resourceType}/AWS |
| Method | POST |
| DTD or XSD changes | Not Applicable |
With this release, this API is updated to include a new response parameter:vulnerabilityStats. This parameter summarizes vulnerability data for each listed resource enabling quick prioritization and risk assessment at scale.
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-ap/rest/v1/resource/{resourceType}/AWS' \
-H 'accept: */*' \
-H 'Authorization: Basic <auth token>'
API Response
"vulnerabilityStats": {
"severity": {
"1": 4,
"2": 1,
"3": 3,
"4": 1
},
"typeDetected": {
"Confirmed": 3,
"Information": 4,
"Potential": 2
},
"totalVulnerability": 9
}
Get Resource Details by UUID
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS |
| Method | POST |
| DTD or XSD changes | Not Applicable |
With this release, this API now includes a vulnerability array in the response parameters that provides a detailed list of vulnerabilities associated with the specified resource, which can be used to perform targeted investigation and remediation.
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS' \
-H 'accept: */*' \
-H 'Authorization: Basic <auth token>'
API Response
"vulnerability": [
{
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"resourceId": "ami-0xxxxxxxxxxxxxxxx",
"name": "Amazon Linux Security Advisory for python-urllib3 : ALAS2023-2024-747",
"qid": 358188,
"typeDetected": "Confirmed",
"severity": 2,
"protocol": "",
"hostOS": "Amazon Linux 2023.6.20241010",
"category": "Amazon Linux",
"lastFound": "2025-03-12T09:44:31.509+00:00",
"firstFound": "2025-03-12T09:44:31.509+00:00",
"port": 0
},
{
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"resourceId": "ami-0xxxxxxxxxxxxxxxx",
"name": "Amazon Linux Security Advisory for kernel : ALAS2023-2025-823",
"qid": 358510,
"typeDetected": "Confirmed",
"severity": 4,
"protocol": "",
"hostOS": "Amazon Linux 2023.6.20241010",
"category": "Amazon Linux",
"lastFound": "2025-03-12T09:44:31.509+00:00",
"firstFound": "2025-03-12T09:44:31.509+00:00",
"port": 0
}
]
JWT Token Generation using Client ID and Secret Key
You can generate the JWT access token by providing the client ID and client secret key in the following API request headers.
For more information on client ID and client secret key, refer to Support for Auth ID Client Management from UI.
JWT Access Token RequestJWT Access Token Request
API Request
curl -X POST
'<qualys_base_url>/auth/oidc'
--header 'clientSecret: wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
--header 'clientId: 123e4567-xxxx-xxxx-xxxx-426614174000'
--data-raw ''
API Response (contains JWT access token)
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiJjbGllbnQxMjM0NTYiLCJzYwZXM
iOlsiYXBpLnJlxxxxxxxxxxxxxxxxxxUiXSwia
XNzIjoiaHR0cHxxxxxxxxxxxxxxxxxxLmNvbSI
sImV4cCI6MTcwMDAwMDAwMH0.SdXn3I6yTb-
JNk9LPjR8W9xAtH7dN3Mqf3HdJ5WnRfEOnce the JWT access token is successfully generated, you can use it to authenticate your API requests. Include the token in the Authorization header of API requests.
The system validates the JWT token and authorizes the request based on the user's permissions. See the below example, where a user with API access calls an API to retrieve the Assessment Reports.
Example API: Get Assessment ReportsExample API: Get Assessment Reports
API Request
curl--location '<qualys_base_url>/cloudview-api/rest/v2/report/assessment/create'--header 'Authorization: Bearer <Above bearer token> ' --header 'Content-Type: application/json'
Response
{
"reportName": "AWS Assessment Report",
"description": "",
"cloudType": "AWS",
"query": "",
"startDate": "2025-05-03T00:12:53Z",
"endDate": "2025-05-10T18:53:s53Z",
"executionType": "RUN_TIME",
"policyIds": [
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
],
"tagIds": [
],
"connectorIds": ["xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
],
"format": "csv",
"iacResourceResults": [ ]
}