Library Policy

GET /pcas/v1/library/policy/list

Using this API, you can list all policies associated with a specific label ID. The response displays details such as the policy ID, title, version, and date. The results are filtered based on the specified label and technology.

Input ParametersInput Parameters

Parameter	Required/ Optional	Data Type	Description
Authorization	Required	String	Enter the Bearer token.
labelId={value}	Optional	Integer	List policies associated to the label ID. If no label ID is specified, technology details associated with all labels are returned.
technologyId={value}	Optional	Integer	List policies associated with the technology ID. You can enter multiple IDs separated by comma. If the technology ID is not provided, display policies from all technologies.
includeDescription={value}	Optional	Boolean	Specify 'true' to display the description else specify 'false'.
updatedAfter={value}	Optional	Integer	Filters response based on the given date. Policies updated on and after the provided date are displayed. Date format - dd/mm/yyyy.

Sample 1 - List policy IDs and their namesSample 1 - List policy IDs and their names

API Request

curl -X 'GET' '<qualys_base_url>/pcas/v1/library/policy/list '
-H 'accept: application/json'
-H 'Authorization: Bearer <AuthToken>

JSON Output

[
  {
    "policyId": 1464200,
    "policyTitle": "CIS Benchmark for Apple macOS 10.12, v1.1.0[Scored, Level 1 and Level 2]",
    "version": 1,
    "date": "02/06/2025"
  },
  {
    "policyId": 1464300,
    "policyTitle": "DISA Security Technical Implementation Guide(STIG) for Windows Server 2008 non-R2 MS, V6R46",
    "version": 1,
    "date": "02/06/2025"
  }
]

Sample 2 - List policies for a label IDSample 2 - List policies for a label ID

API Request

curl -X 'GET' '<qualys_base_url>/pcas/v1/library/policy/list?labelId=<label_id>'
-H 'accept: application/json'
-H 'Authorization: Bearer <AuthToken>'

JSON Output

[
  [
    {
      "policyId": 1465339,
      "policyTitle": "CIS Benchmark for Microsoft Windows Server 2016, v3.0.0 [Automated and Manual, Level 1 - Domain controller]",
      "version": 1,
      "date": "13/11/2024"
    },
    {
      "policyId": 1465356,
      "policyTitle": "CIS Benchmark for Microsoft Windows Server 2025, v1.0.0 [Automated and Manual, Level 1 - Domain controller, Level 2 - Domain controller]",
      "version": 1,
      "date": "09/05/2025"
    }
  ]
]

Sample 3 - List policies for a label ID and technology IDSample 3 - List policies for a label ID and technology ID

API Request

curl -X 'GET' '<qualys_base_url>/pcas/v1/library/policy/list?labelId=<labelId>&technologyId=<technologyId>'
-H 'accept: application/json'
-H 'Authorization: Bearer <AuthToken>'

JSON Output

[
  [
    {
      "policyId": 1464495,
      "policyTitle": "CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0 [Automated and Manual, Level 1 and Level 2]",
      "version": 16,
      "date": "08/08/2025"
    },
    {
      "policyId": 1441206,
      "policyTitle": "CIS Benchmark for IBM DB2 11.x, v1.1.0 [Automated and Manual, Level 1 - RDBMS]",
      "version": 3,
      "date": "02/06/2025"
    }
  ]
]

Sample 4 - List policies for a label ID, technology ID, and include a descriptionSample 4 - List policies for a label ID, technology ID, and include a description

API Request

curl -X 'GET' '<qualys_base_url>/pcas/v1/library/policy/list?labelId=<label_id>&technologyId=<technologyId>&includeDescription=true'
-H 'accept: application/json'
-H 'Authorization: Bearer <AuthToken>'

JSON Output

[
  [
    {
      "policyId": 1464495,
      "policyTitle": "CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0 [Automated and Manual, Level 1 and Level 2]",
      "description": "This CIS certified policy for Red Hat Enterprise Linux 8 is based on the CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0. The policy contains Level 1 and Level 2, Automated, and Manual types of checks from the benchmark. The controls within the policy are configured on the basis of values provided by the CIS benchmark.",
      "version": 16,
      "date": "08/08/2025"
    },
    {
      "policyId": 1441206,
      "policyTitle": "CIS Benchmark for IBM DB2 11.x, v1.1.0 [Automated and Manual, Level 1 - RDBMS]",
      "description": "This CIS certified policy for IBM DB2 11 is based on the CIS Benchmark for IBM DB2 11, v1.1.0. The policy contains Automated and Manual types of checks which are of Level 1 - RDBMS profile. The controls within the policy are configured on the basis of values provided by CIS benchmark.",
      "version": 3,
      "date": "02/06/2025"
    }
  ]
]

Sample 5 - List policies for a label ID, technology ID, include a description, and the updated dateSample 5 - List policies for a label ID, technology ID, include a description, and the updated date

API Request

curl -X 'GET' '<qualys_base_url>/pcas/v1/library/policy/list?labelId=<labelId>&technologyId=<technologyId>&includeDescription=true&updatedAfter=08-08-2025'
-H 'accept: application/json'
-H 'Authorization: Bearer <AuthToken>'

JSON Output

[
  {
    "policyId": 1464495,
    "policyTitle": "CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0 [Automated and Manual, Level 1 and Level 2]",
    "description": "This CIS certified policy for Red Hat Enterprise Linux 8 is based on the CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0. The policy contains Level 1 and Level 2, Automated, and Manual types of checks from the benchmark. The controls within the policy are configured on the basis of values provided by the CIS benchmark.",
    "version": 16,
    "date": "08/08/2025"
  },
  {
    "policyId": 1464494,
    "policyTitle": "CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0 [Automated and Manual, Level 1]",
    "description": "This CIS certified policy for Red Hat Enterprise Linux 8 is based on the CIS Benchmark for Red Hat Enterprise Linux 8, v3.0.0. The policy contains Level 1, Automated, and Manual types of checks from the benchmark. The controls within the policy are configured on the basis of values provided by the CIS benchmark.",
    "version": 17,
    "date": "08/08/2025"
  }
]