View the users in the subscription. XML responses provide details about each user such as the user’s login ID, account info, assigned asset groups, and permissions. Session-based authentication is not supported using this API.
When the API request is made by a Manager or Unit Manager, the last login date for each user is provided in the XML results. This is the most recent date and time the user logged into the service. For a Manager, the last login date appears for all users in the subscription. For a Unit Manager, the last login date appears for all users in the Unit Manager’s same business unit.
Managers and Administrators can view all users in subscription.
Express Lite - This API is available to Express Lite users.
Unit Managers can view full user account details for users in their business unit. Unit Managers may also be able to view partial user account details for users outside of their business unit. This is determined by a subscription-level permission set by Managers in the user interface.
If “Restrict view of user information for users outside of business unit” is not selected (the default), then Unit Managers have an unrestricted view and can see partial details about users who are not in their assigned business unit. If “Restrict view of user information for users outside of business unit” is selected, then Unit Managers have a restricted view and cannot see any details for users who are not in their assigned business unit. For example, Unit Managers in Business Unit A would not be able to view general information or asset group assignments for users in Business Unit B.
The following table describes the amount of detail visible to Unit Managers for different types of users based on whether the Unit Manager has a restricted or unrestricted view.
Full user account details include: user login, general information, assigned asset groups, user role, business unit, the Unit Manager Point of Contact (POC), the Manager POC, extended permissions and email notifications.
With a Partial view, the following details are not visible: user login, extended permissions and email notifications.
Permissions - Click here for user related permissions
| Parameter | Required/Optional | Data Type | Description |
|---|---|---|---|
|
external_id_contains={string} |
Optional | String |
Show only user accounts with an external ID value that contains a certain string. The string you specify can have a maximum of 256 characters. The characters can be in uppercase, lowercase or mixed case (the service performs case-sensitive matching). HTML or PHP tags cannot be included. Only one of these parameters may be specified for a single API request: external_id_contains or external_id_assigned. |
|
external_id_assigned={0|1} |
Optional | Integer |
Specify 1 to show only user accounts which have an external ID value assigned. Specify 0 to show only user accounts which do not have an external ID value assigned. Only one of these parameters may be specified for a single API request: external_id_contains or external_id_assigned. |
API Request
"<qualys_base_url>/msp/user_list.php"
XML output
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE USER_LIST_OUTPUT SYSTEM "<qualys_base_url>/user_list_output.dtd"> <USER_LIST_OUTPUT> <USER_LIST> <USER> <USER_LOGIN> acme_ab1 </USER_LOGIN> <USER_ID> 63 </USER_ID> <CONTACT_INFO> <FIRSTNAME> <![CDATA[Alex]]> </FIRSTNAME> <LASTNAME> <![CDATA[Kim]]> </LASTNAME> <TITLE> <![CDATA[Manager, Security]]> </TITLE> <PHONE> <![CDATA[650 801 6100]]> </PHONE> <FAX> <![CDATA[650 801 6101]]> </FAX> <EMAIL> <![CDATA[test@abc.com]]> </EMAIL> <COMPANY> <![CDATA[Acme, Inc.]]> </COMPANY> <ADDRESS1> <![CDATA[100 Summer Street]]> </ADDRESS1> <ADDRESS2> <![CDATA[]]> </ADDRESS2> <CITY> <![CDATA[San Francisco]]> </CITY> <COUNTRY> United States of America </COUNTRY> <STATE> California </STATE> <ZIP_CODE> <![CDATA[94111]]> </ZIP_CODE> <TIME_ZONE_CODE> <![CDATA[Auto]]> </TIME_ZONE_CODE> </CONTACT_INFO> <USER_STATUS> Active </USER_STATUS> <CREATION_DATE> 2017-07-26T19:43:01Z </CREATION_DATE> <LAST_LOGIN_DATE> 2018-04-26T22:41:56Z </LAST_LOGIN_DATE> <USER_ROLE> Manager </USER_ROLE> <BUSINESS_UNIT> <![CDATA[Unassigned]]> </BUSINESS_UNIT> <UNIT_MANAGER_POC> 0 </UNIT_MANAGER_POC> <MANAGER_POC> 1 </MANAGER_POC> <UI_INTERFACE_STYLE> standard_blue </UI_INTERFACE_STYLE> <PERMISSIONS> <CREATE_OPTION_PROFILES> 1 </CREATE_OPTION_PROFILES> <PURGE_INFO> 1 </PURGE_INFO> <ADD_ASSETS> 1 </ADD_ASSETS> <EDIT_REMEDIATION_POLICY> 1 </EDIT_REMEDIATION_POLICY> <EDIT_AUTH_RECORDS> 1 </EDIT_AUTH_RECORDS> </PERMISSIONS> <NOTIFICATIONS> <LATEST_VULN> weekly </LATEST_VULN> <MAP> ags </MAP> <SCAN> ags </SCAN> <DAILY_TICKETS> 0 </DAILY_TICKETS> </NOTIFICATIONS> </USER> <USER> ... <USER> <USER_LOGIN> test_user </USER_LOGIN> <USER_ID> 123456 </USER_ID> <CONTACT_INFO> <FIRSTNAME> <![CDATA[Geoff]]> </FIRSTNAME> <LASTNAME> <![CDATA[Holden]]> </LASTNAME> <TITLE> <![CDATA[Security Scanner]]> </TITLE> <PHONE> <![CDATA[650 801 6100]]> </PHONE> <FAX> <![CDATA[650 801 6101]]> </FAX> <EMAIL> <![CDATA[gholden@acme.com]]> </EMAIL> <COMPANY> <![CDATA[Acme, Inc.]]> </COMPANY> <ADDRESS1> <![CDATA[100 Summer Street]]> </ADDRESS1> <ADDRESS2> <![CDATA[]]> </ADDRESS2> <CITY> <![CDATA[San Francisco]]> </CITY> <COUNTRY> United States of America </COUNTRY> <STATE> California </STATE> <ZIP_CODE> <![CDATA[94111]]> </ZIP_CODE> <TIME_ZONE_CODE> <![CDATA[US-CA]]> </TIME_ZONE_CODE> </CONTACT_INFO> <ASSIGNED_ASSET_GROUPS> <ASSET_GROUP_TITLE> <![CDATA[AG 24]]> </ASSET_GROUP_TITLE> </ASSIGNED_ASSET_GROUPS> <USER_STATUS> Pending Activation </USER_STATUS> <CREATION_DATE> 2018-04-06T21:02:26Z </CREATION_DATE> <LAST_LOGIN_DATE> N/A </LAST_LOGIN_DATE> <USER_ROLE> Scanner </USER_ROLE> <BUSINESS_UNIT> <![CDATA[Unassigned]]> </BUSINESS_UNIT> <UNIT_MANAGER_POC> 0 </UNIT_MANAGER_POC> <MANAGER_POC> 0 </MANAGER_POC> <UI_INTERFACE_STYLE> standard_blue </UI_INTERFACE_STYLE> <PERMISSIONS> <CREATE_OPTION_PROFILES> 1 </CREATE_OPTION_PROFILES> <PURGE_INFO> 0 </PURGE_INFO> <ADD_ASSETS> 0 </ADD_ASSETS> <EDIT_REMEDIATION_POLICY> 0 </EDIT_REMEDIATION_POLICY> <EDIT_AUTH_RECORDS> 0 </EDIT_AUTH_RECORDS> </PERMISSIONS> <NOTIFICATIONS> <LATEST_VULN> weekly </LATEST_VULN> <MAP> ags </MAP> <SCAN> ags </SCAN> <DAILY_TICKETS> 0 </DAILY_TICKETS> </NOTIFICATIONS> </USER> ... </USER> </USER_LIST> </USER_LIST_OUTPUT>
<platform API server>/user_list_output.dtd