Change passwords for all or some users in the same subscription. This API allows Managers, Administrators, Unit Managers to change passwords for multiple users at once as a "batch" process. New passwords are automatically generated by the service. This API does not support session based authentication.
It’s possible to change passwords for user accounts with a status of “active”, “inactive” or “pending activation”. It’s not possible to change passwords for deleted accounts. Since
Contact users do not have login access to Qualys, it’s not possible to change passwords for Contacts.
A password change API request returns a password change XML report indicating the user
accounts affected and whether password changes were made for each account. A success message is included when passwords were changed on all target accounts. A warning
message is included if passwords for any of the target accounts could not be changed. Upon error, an error message is included.
By default the password changes made by the password_change.php API causes the service to automatically send each affected user an email which notifies them of the
password change. If you do not wish users to receive this email notification, you have the option to return the user login ID and password for affected users as XML value pairs in
the password change report. To do this, make a password_change.php request and specify the email=0 parameter. If you make such a request on an account with the status “pending activation”, the function automatically assigns the “active” status since the login credentials are available in the XML report.
Permissions - Managers can change password for all users in subscription, except the user making the request. Unit Managers can change password for all users in same business unit, except the user making the request. Administrator can change password for all users in subscription, except Manager and the user making the request.
Input ParametersInput Parameters
|
Parameter |
Required/Optional |
Data Type |
Description |
|---|---|---|---|
|
user_logins={value} |
Required | Integer |
One or more Qualys user login IDs of user accounts to change the password for. Multiple user login IDs are comma separated. Specify user_logins=all to change the password for all users in the user’s account, except the requesting user. |
|
send_email={0|1} |
Optional | Integer |
A flag that indicates whether users will receive an email notification alerting them to the password change. 1 - (default) When set to 1, an email notification will be sent to affected users. Each user clicks a secure link in the email to view the new password. 0 - When set to 0, an email notification will not be sent to affected users, and the XML report returned by the function will include the login ID and password for each user account as XML value pairs. If you make such a request on an account with the status “pending activation”, the API automatically assigns the “active” status since the login credentials are available in the XML report. |
Password change request for two accounts, send affected users an email notification including a secure link to their new password.
API Request
https://<qualys_base_url>/msp/password_change.php?user_logins=acme_jr,acme_dd
Password change request for all users in the API user’s account (except the API user) and return the login ID and password for each affected user in the password change XML response.
API Request
https://<qualys_base_url>/msp/password_change.php?user_logins=all&email=0
<platform API server>/password_change_output.dtd