Share PCI Scan

GET POST/api/2.0/fo/scan/pci/?action=share

Share (export) a finished PCI scan to Qualys PCI Merchant where you can generate reports required to prove your PCI compliance. The PCI Merchant account to be used must be already defined as a PCI account link using the Qualys user interface

Permissions - Any user with scan permissions (Manager, Unit Manager or Scanner) can share a PCI scan with one of their own PCI Merchant accounts and obtain share status. The user’s Qualys account must allow access to the PCI scan and must have a link to the target PCI Merchant account.

Share restriction - The following share restriction applies to all users. One PCI scan can be shared (exported) to one PCI Merchant subscription one time only, assuming the share request is successful. (Note: If a particular scan has been exported to any PCI account in the same PCI Merchant subscription as your PCI account, the scan can’t be exported.) If a share request fails for some reason, it's possible to submit another share request for the same PCI scan and PCI Merchant account.

Input ParametersInput Parameters

action=share

Required

String 

Specify action to share PCI scans.

echo_request={0|1}

Optional

Integer 

Specify 1 to view (echo) input parameters in the XML output. By default these are not included.

scan_ref={value}

Required

Integer 

The scan reference of a finished PCI scan. The scan status of this scan must be “Finished”.

merchant_username={value}

Required

String 

The user name of the PCI Merchant account that the PCI scan will be exported to. The API user’s Qualys account must have a PCI account link already defined for this target PCI Merchant account.

Sample - Share PCI ScanSample - Share PCI Scan

API Request

curl -s -H "X-Requested-With: curl demo 2" -D headers.15 -b"QualysSession=38255848108d68a2feaf9ee664ca78a7; path=/api; secure" -d"action=share&merchant_username=manager1@qualys&scan_ref=scan/1281646610.5720""https://<qualys_base_url>/api/2.0/fo/scan/pci/"

Response when request to share PCI scan is successful:

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-01-17T00:50:39Z</DATETIME>
    <TEXT>Requested share of scan to PCI</TEXT>
    <ITEM_LIST>
      <ITEM>
        <KEY>scan_ref</KEY>
        <VALUE>scan/1281646610.5720</VALUE>
      </ITEM>
      <ITEM>
        <KEY>merchant_username</KEY>
        <VALUE>manager1@qualys</VALUE>
      </ITEM>
    </ITEM_LIST>
  </RESPONSE>
</SIMPLE_RETURN>

Response when PCI scan has already been shared:

XML Output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE SIMPLE_RETURN SYSTEM "https://<qualys_base_url>/api/2.0/simple_return.dtd">
<SIMPLE_RETURN>
  <RESPONSE>
    <DATETIME>2018-01-04T14:54:01Z</DATETIME>
    <CODE>999</CODE>
    <TEXT>This scan has already been shared with the Merchant account.</TEXT>
  </RESPONSE>
</SIMPLE_RETURN>

DTD

<platform API server>/api/2.0/simple_return.dtd

 


 

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.