Create, update, list, and delete VMware NSX records for authenticated scans of VMware NSX environments. This capability allows you to securely authenticate to NSX managed components using VMware NSX credentials, enabling authenticated vulnerability and compliance assessments of supported NSX services and appliances. This simplifies secure access to NSX environments, improves assessment accuracy through authenticated scanning, and reduces operational overhead when managing credentials at scale.
This supports both VM and PA/PC.
Both basic and vault based authentication are supported. Vault based authentication is
supported only for HashiCorp Vault.
Input ParametersInput Parameters
| Parameter | Required/Optional | Data Type | Description |
|---|---|---|---|
| action={action} | Required | String | Specify any one of the following: create, update, list,delete. |
| title={value} | Required to create a record | String | A title for the record. Optional to update record. |
| ips={value} | Required to create record, Optional to update record |
Integer | IPs to be added to your NSX record. You may enter a combination of IPs and IP ranges to identify compliance hosts. Multiple entries are comma separated. Overwrites (replaces) the IP list for the authentication record. The IPs you specify are added and any existing IPs are removed |
| username={value} | Required to create record, optional to update record | String | The username to be used for authentication to NSX. |
| password={value} | Optional | String | The password to be used for authentication to NSX. |
| login_type={basic|vault} | Required | Boolean | The login type is basic by default. You can choose vault (for vault based authentication). Set to vault if a third party vault is used to retrieve the password. For vault based authentication, vault parameters need to be provided in the record. |
| vault_id={value} | Required if login_type=vault | Integer | The ID of the vault to be used to retrieve the password for login. |
| vault_type={value} | Required if login_type=vault | String | The third party vault to be used to retrieve the password for login. Certain vaults support this capability. View our latest Vault Support Matrix. |
| port={value} | Optional | Integer | The port number that the NSX instance is running on. |
| ssl_verify_with_host={0|1} | Optional | Boolean | SSL verification. Set to 1 if you want to verify the server’s certificate is valid and trusted. |
| hosts={value} | Required if ssl_verify_with_host=1 | String | A list of FQDNs for all host IP addresses on which a custom SSL certificate signed by a trusted root CA is installed. |
| ids={value} | Required to update record | Integer | NSX Record IDs to update. Specify record IDs and/or ID ranges (for example, 1359-1407). Multiple entries are comma separated. |
| comments={value} | Optional to create or update record | String | User defined comments. Maximum of 1999 characters. |
Sample Create RecordSample Create Record
API Request
curl --location ' /api/2.0/fo/auth/nsx/index.php?action=create&title=1234NSXkk235&ips=10.xxx.xxx.xxx&username=root&password=Password%40456&port=443' \
--header 'X-Requested-With: curl demo2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode 'action=create'
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T10:32:56Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Created</TEXT>
<ID_SET>
<ID>11629987</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
Sample Update RecordSample Update Record
API Request
curl --location ' /api/2.0/fo/auth/nsx/index.php?action=update%20&username=root&password=Password%40456&ids=11629987' \
--header 'X-Requested-With: curl demo2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode 'action=update'
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T10:37:10Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Updated</TEXT>
<ID_SET>
<ID>11629987</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
Sample Delete RecordSample Delete Record
API Request
curl --location ' /api/2.0/fo/auth/nsx/index.php?action=delete&ids=11629987' \
--header 'X-Requested-With: curl demo2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode 'action=delete'
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
<RESPONSE>
<DATETIME>2025-12-11T10:41:22Z</DATETIME>
<BATCH_LIST>
<BATCH>
<TEXT>Successfully Deleted</TEXT>
<ID_SET>
<ID>11629987</ID>
</ID_SET>
</BATCH>
</BATCH_LIST>
</RESPONSE>
</BATCH_RETURN>
API Request
curl --location --request GET ' /api/2.0/fo/auth/nsx/index.php?action=list' \
--header 'X-Requested-With: curl demo2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode 'action=list'
XML Output
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE AUTH_NSX_LIST_OUTPUT SYSTEM "<qualys_base_url>/api/2.0/fo/auth/nsx/auth_nsx_list_output.dtd">
<AUTH_NSX_LIST_OUTPUT>
<RESPONSE>
<DATETIME>2025-12-11T10:31:18Z</DATETIME>
<AUTH_NSX_LIST>
<AUTH_NSX>
<ID>11500969</ID>
<TITLE>
<![CDATA[nsx_auth]]>
</TITLE>
<USERNAME>
<![CDATA[admin]]>
</USERNAME>
<SSL_VERIFY>
<![CDATA[0]]>
</SSL_VERIFY>
<IP_SET>
<IP>10.xxx.xxx.xxx</IP>
</IP_SET>
<PORT>
<![CDATA[443]]>
</PORT>
<SSL_VERIFY_WITH_HOST>
<![CDATA[0]]>
</SSL_VERIFY_WITH_HOST>
<HOSTS>
<![CDATA[www.google.com]]>
</HOSTS>
<LOGIN_TYPE>
<![CDATA[basic]]>
</LOGIN_TYPE>
<CREATED>
<DATETIME>2025-11-28T07:48:06Z</DATETIME>
<BY>username</BY>
</CREATED>
<LAST_MODIFIED>
<DATETIME>2025-12-10T06:45:07Z</DATETIME>
</LAST_MODIFIED>
</AUTH_NSX>
<AUTH_NSX>
<ID>11541079</ID>
<TITLE>
<![CDATA[mob_api12345]]>
</TITLE>
<USERNAME>
<![CDATA[root]]>
</USERNAME>
<IP_SET>
<IP>111.xx.xx.xx</IP>
</IP_SET>
<PORT>
<![CDATA[443]]>
</PORT>
<LOGIN_TYPE>
<![CDATA[basic]]>
</LOGIN_TYPE>
<CREATED>
<DATETIME>2025-12-04T05:49:51Z</DATETIME>
<BY>username</BY>
</CREATED>
<LAST_MODIFIED>
<DATETIME>2025-12-04T05:49:51Z</DATETIME>
</LAST_MODIFIED>
</AUTH_NSX>
<AUTH_NSX>
<ID>11541968</ID>
<TITLE>
<![CDATA[1234NSX6]]>
</TITLE>
<USERNAME>
<![CDATA[root]]>
</USERNAME>
<IP_SET>
<IP>10.xxx.xxx.xxx</IP>
</IP_SET>
<PORT>
<![CDATA[445]]>
</PORT>
<LOGIN_TYPE>
<![CDATA[basic]]>
</LOGIN_TYPE>
<CREATED>
<DATETIME>2025-12-04T06:42:32Z</DATETIME>
<BY>vmspxtb</BY>
</CREATED>
<LAST_MODIFIED>
<DATETIME>2025-12-04T08:50:33Z</DATETIME>
</LAST_MODIFIED>
</AUTH_NSX>
<AUTH_NSX>
<ID>11542967</ID>
<TITLE>
<![CDATA[1234NSXkk23]]>
</TITLE>
<USERNAME>
<![CDATA[root]]>
</USERNAME>
<IP_SET>
<IP>10.xxx.xxx.xxx</IP>
</IP_SET>
<PORT>
<![CDATA[443]]>
</PORT>
<LOGIN_TYPE>
<![CDATA[basic]]>
</LOGIN_TYPE>
<CREATED>
<DATETIME>2025-12-04T09:11:25Z</DATETIME>
<BY>vmspxtb</BY>
</CREATED>
<LAST_MODIFIED>
<DATETIME>2025-12-04T09:11:25Z</DATETIME>
</LAST_MODIFIED>
</AUTH_NSX>
</AUTH_NSX_LIST>
</RESPONSE>
</AUTH_NSX_LIST_OUTPUT>
Qualys API Server URL/api/2.0/fo/auth/nsx/auth_nsx_list