Policy Audit Release 1.13 API 

July 6, 2026

In the API Release Notes, <qualys_base_url> and <gateway_base_url> is used as a sample API request to represent the API server URL. To learn more about the API server URL for your environment, refer to the Know Your Qualys API Server URL section. 

We have implemented versioning for APIs. For more information on API versioning, refer to the Updates on API Versioning Standards & Deprecation Timelines blog.

PCAS Control List API

A new Control List API is now available through the PCAS service to retrieve control details more efficiently.

New or Updated API New
API Endpoint /pcas/v1/compliance/controls
Method GET

This new API provides all the functionality available in the Control List API and additionally supports Audit Commands, enabling you to retrieve the audit commands configured for a control.

In addition to the new fields, the API provides improved performance by leveraging the PCAS service architecture for faster retrieval of control information.

 This API feature is available to users with PA subscription only.

Input ParametersInput Parameters

Parameter Name Required / Optional Data Type Description
ids No Integer Show only certain control IDs and/or ID ranges. One or more control IDs/ranges may be specified. A control ID range entry is specified with a hyphen (for example, 3000-3250). Valid control IDs are required.

The maximum number of IDs that can be returned in an API request is 1000.

id_min No Integer Show only controls which have a minimum control ID value. A valid control ID is required
id_max No Integer Show only controls which have a maximum control ID value. A valid control ID is required.
controlType No String Select the type of control (SDC, UDC, or All).
updated_after_datetime No Integer Show only controls updated after a certain date/time (for example, 2025-01-01T00:00:00Z).
created_after_datetime No Integer Show only controls created after a certain date/time (for example, 2025-01-01T00:00:00Z).
details No String Show the requested amount of host information for each host. A valid value is:
  • Basic - Includes all control details except framework mappings
  • All - (default) includes all control details
  • None - includes control ID only

By default, the value is set to 'All'.

fields No String Show the different fields, such as, core, criticality, or technologies. For a list of all field groups, refer to the table given below.

If a value is specified for 'fields', the value provided in 'details' is ignored.

page No Integer Page number (0-indexed).
pageSize No Integer Number of results to be displayed per page. By default, the value is set to 200.
echo_request={1|0} No Boolean Specify 1 to display the request parameters in the response, else specify 0.

The list of groups for the 'fields' parameter is as follows:

Groups Fields Included
Core id, type, statement, createdDate, updateDate, category, subCategory
Criticality criticality
check_config checkType, comment, ignoreError, errorSetStatus, evaluateAsString, ignoreItemNotFound, useAgentOnly, autoUpdate, isActive
scan_parameters scanParameters (full atom-level detail for UDC)
technologies technologies.id, technologies.name
technologies_rationale technologies.rationale, technologies.remediation
technologies_audit_commands technologies.auditCommand (SDC)
frameworks frameworks (SDC)

Sample - Display basic details for a controlSample - Display basic details for a control

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?details=Basic' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1044,
      "type": "SDC",
      "updateDate": "2025-07-25T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorizations (Multi-user ACL/role)",
      "statement": "Status of the 'O7_DICTIONARY_ACCESSIBILITY' setting in init.ora",
      "criticality": {
        "label": "CRITICAL",
        "value": 4
      },
      "technologies": [
        {
          "id": 7,
          "name": "Oracle 9i",
          "rationale": "The 'O7_DICTIONARY_ACCESSIBILITY' setting controls access to SYS schema objects."
        },
        {
          "id": 8,
          "name": "Oracle 10g",
          "rationale": "Restricting access prevents unauthorized access to SYS schema objects."
        }
      ]
    },
    {
      "id": 1045,
      "type": "SDC",
      "updateDate": "2018-10-12T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "OS Security Settings",
      "subCategory": "System Settings (OSI layers 6-7)",
      "statement": "Status of the 'Clipbook' service (startup type)",
      "criticality": {
        "label": "SERIOUS",
        "value": 3
      },
      "technologies": [
        {
          "id": 1,
          "name": "Windows XP desktop",
          "rationale": "The Clipbook service transfers clipboard data over the network and should generally be disabled."
        },
        {
          "id": 2,
          "name": "Windows 2003 Server",
          "rationale": "Disabling the service reduces unnecessary security exposure."
        }
      ]
    },
    {
      "id": 1046,
      "type": "SDC",
      "updateDate": "2024-09-26T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorization (Single-user ACL/role)",
      "statement": "Current status of the '_trace_files_public' initialization parameter",
      "criticality": {
        "label": "CRITICAL",
        "value": 4
      },
      "technologies": [
        {
          "id": 7,
          "name": "Oracle 9i",
          "rationale": "Controls public access to Oracle trace files."
        },
        {
          "id": 216,
          "name": "Oracle 19c",
          "rationale": "Publicly accessible trace files may expose sensitive audit information."
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 3,
    "totalElements": 3,
    "hasMore": false
  }
}

Sample - Display controls for a specific IDSample - Display controls for a specific ID

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?ids=1071' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1071,
      "type": "SDC",
      "updateDate": "2026-06-01T00:00:00Z",
      "createdDate": "2007-10-17T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authentication/Passwords",
      "statement": "Status of the 'Minimum Password Length' setting",
      "criticality": {
        "label": "URGENT",
        "value": 5
      },
      "technologies": [
        {
          "id": 1,
          "name": "Windows XP desktop",
          "rationale": "Configuring a minimum password length helps protect against brute-force attacks."
        },
        {
          "id": 10,
          "name": "Solaris 10.x",
          "rationale": "Checks the configured minimum password length on the system.",
          "auditCommand": "Retrieves the PASSLENGTH setting from /etc/default/passwd."
        },
        {
          "id": 91,
          "name": "Windows 10",
          "rationale": "Configuring a minimum password length improves password security.",
          "auditCommand": "Retrieves the status of the 'Minimum Password Length' setting for local accounts."
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 2,
    "totalElements": 1,
    "hasMore": false
  }
}

Sample - Display controls with certain page sizeSample - Display controls with certain page size

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?pageSize=3' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

API Response

{
  "data": [
    {
      "id": 1044,
      "type": "SDC",
      "updateDate": "2025-07-25T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorizations (Multi-user ACL/role)",
      "statement": "Status of the 'O7_DICTIONARY_ACCESSIBILITY' setting in init.ora",
      "criticality": {
        "label": "CRITICAL",
        "value": 4
      },
      "technologies": [
        {
          "id": 7,
          "name": "Oracle 9i",
          "rationale": "The 'O7_DICTIONARY_ACCESSIBILITY' setting controls access to SYS schema objects."
        },
        {
          "id": 99,
          "name": "Oracle 12c",
          "rationale": "Restricting SYS schema access reduces security risk.",
          "auditCommand": "Retrieves the value of the O7_DICTIONARY_ACCESSIBILITY parameter."
        }
      ],
      "frameworks": [
        {
          "id": 2443,
          "name": "ISO/IEC 27001:2013 Edition 2013-11",
          "references": [
            {
              "section": "9.4.1",
              "comments": "Information access restriction"
            }
          ]
        }
      ]
    },
    {
      "id": 1045,
      "type": "SDC",
      "updateDate": "2018-10-12T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "OS Security Settings",
      "subCategory": "System Settings (OSI layers 6-7)",
      "statement": "Status of the 'Clipbook' service (startup type)",
      "criticality": {
        "label": "SERIOUS",
        "value": 3
      },
      "technologies": [
        {
          "id": 1,
          "name": "Windows XP desktop",
          "rationale": "The Clipbook service should generally be disabled to reduce security exposure."
        }
      ],
      "frameworks": [
        {
          "id": 4941,
          "name": "Secure Controls Framework (SCF) 2021.2",
          "references": [
            {
              "section": "CFG-03.1",
              "comments": "Periodic Review"
            }
          ]
        }
      ]
    },
    {
      "id": 1046,
      "type": "SDC",
      "updateDate": "2024-09-26T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorization (Single-user ACL/role)",
      "statement": "Current status of the '_trace_files_public' initialization parameter",
      "criticality": {
        "label": "CRITICAL",
        "value": 4
      },
      "technologies": [
        {
          "id": 216,
          "name": "Oracle 19c",
          "rationale": "Public access to trace files may expose sensitive audit information.",
          "auditCommand": "Retrieves the value of the _TRACE_FILES_PUBLIC parameter."
        }
      ],
      "frameworks": [
        {
          "id": 6565,
          "name": "CIS Oracle Database 12c Benchmark v3.0.0",
          "references": [
            {
              "section": "2.2.17",
              "comments": "Ensure '_trace_files_public' Is Set to 'FALSE'"
            }
          ]
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 3,
    "totalElements": 3,
    "hasMore": false
  }
}  

Sample -  Display controls update after a certain date and/or timeSample -  Display controls update after a certain date and/or time

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?updated_after_datetime=2026-05-11T00%3A00%3A00Z' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1071,
      "type": "SDC",
      "updateDate": "2026-06-01T00:00:00Z",
      "createdDate": "2007-10-17T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authentication/Passwords",
      "statement": "Status of the 'Minimum Password Length' setting",
      "criticality": {
        "label": "URGENT",
        "value": 5
      },
      "technologies": [
        {
          "id": 1,
          "name": "Windows XP desktop",
          "rationale": "Configuring a minimum password length helps protect against brute-force attacks."
        },
        {
          "id": 10,
          "name": "Solaris 10.x",
          "rationale": "Checks the configured minimum password length on the system.",
          "auditCommand": "Retrieves the PASSLENGTH setting from /etc/default/passwd."
        },
        {
          "id": 91,
          "name": "Windows 10",
          "rationale": "Configuring a minimum password length improves password security.",
          "auditCommand": "Retrieves the status of the 'Minimum Password Length' setting for local accounts."
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 2,
    "totalElements": 1,
    "hasMore": false
  }
}

Sample -  Display controls with technology audit commandSample -  Display controls with technology audit command

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?fields=technologies_audit_commands' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1044,
      "type": "SDC",
      "technologies": [
        {
          "id": 99,
          "name": "Oracle 12c",
          "auditCommand": "This signature retrieves the setting of the parameter O7_DICTIONARY_ACCESSIBILITY from the Oracle instance parameters. This parameter controls whether database users have access to all data dictionary objects."
        },
        {
          "id": 175,
          "name": "Oracle 18c",
          "auditCommand": "This signature retrieves the setting of the parameter O7_DICTIONARY_ACCESSIBILITY from the Oracle instance parameters. This parameter controls whether database users have access to all data dictionary objects."
        },
        {
          "id": 310,
          "name": "Oracle 12c Multitenant",
          "auditCommand": "The control detects the value of the Oracle database parameter O7_DICTIONARY_ACCESSIBILITY..."
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 1,
    "totalElements": 1,
    "hasMore": false
  }
}

Sample -  Display controls with frameworksSample -  Display controls with frameworks

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?fields=frameworks' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1044,
      "type": "SDC",
      "frameworks": [
        {
          "id": 2443,
          "name": "ISO/IEC 27001:2013 Edition 2013-11",
          "references": [
            {
              "section": "9.4.1",
              "comments": "Information access restriction"
            }
          ]
        },
        {
          "id": 2481,
          "name": "Cloud Controls Matrix (CCM) Ver 3.0.1",
          "references": [
            {
              "section": "IAM-02",
              "comments": "Credential Lifecycle / Provision Management"
            }
          ]
        },
        {
          "id": 2701,
          "name": "Health Insurance Portability and Accountability (HIPAA) Security Rule",
          "references": [
            {
              "section": "164.308(a)(3)(i)",
              "comments": "Access Control Policies and Procedures"
            },
            {
              "section": "164.312(a)(2)(i)",
              "comments": "Unique user identification (Required)"
            }
          ]
        }
      ]
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 3,
    "totalElements": 1,
    "hasMore": false
  }
}

Sample -  Display controls with coreSample -  Display controls with core

API  Request

curl --location '<gateway_base_url>/pcas/v1/compliance/controls?fields=core' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <Bearer Token>'

JSON Response

{
  "data": [
    {
      "id": 1044,
      "type": "SDC",
      "updateDate": "2025-07-25T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorizations (Multi-user ACL/role)",
      "statement": "Status of the 'O7_DICTIONARY_ACCESSIBILITY' setting in init.ora"
    },
    {
      "id": 1045,
      "type": "SDC",
      "updateDate": "2018-10-12T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "OS Security Settings",
      "subCategory": "System Settings (OSI layers 6-7)",
      "statement": "Status of the 'Clipbook' service (startup type)"
    },
    {
      "id": 1046,
      "type": "SDC",
      "updateDate": "2024-09-26T00:00:00Z",
      "createdDate": "2007-10-12T00:00:00Z",
      "category": "Access Control Requirements",
      "subCategory": "Authorization (Single-user ACL/role)",
      "statement": "Current status of the '_trace_files_public' initialization parameter"
    }
  ],
  "pagination": {
    "page": 0,
    "totalPages": 1,
    "pageSize": 4,
    "totalElements": 3,
    "hasMore": false
  }
}

Mandatory Input Parameters for Updating HashiCorp and WAB Vaults

New or Updated API Updated
API Endpoint /api/3.0/fo/auth/
Method GET and POST
DTD or XSD changes No

With this release, we have made certain input parameters mandatory for updating authentication records created using HashiCorp or Wallix AdminBastian (WAB) authentication vaults. Previously, this existed for the Infloblox authentication technology V2.0 API. Now we have extended this to the following authentication technology V3.0 APIs:

  • DataStax
  • OLVM
  • NSX
  • Cisco APIC
  • Infoblox
  • Cassandra

When updating authentication records created using a HashiCorp or Wallix AdminBastian vault, the authentication record 'login type' was incorrectly converted to basic. To prevent this, the following existing input parameters are made mandatory when updating authentication records:

  • login_type
  • vault_type
  • secret_kv_name (for HashiCorp vault)
  • secret_kv_key (for HashiCorp vault)
  • authorization_name (for Wallix AdminBastian vault)
  • target_name (for Wallix AdminBastian vault)

Including these parameters ensures that the authentication record retains the correct vault type.

Input ParametersInput Parameters

Parameter Name Required / Optional Data Type Description
login_type={basic|vault} Required Boolean The login type is basic by default. Select vault (for vault-based authentication).
vault_type={value} Required String The vault type (HashiCorp and Wallix) to be used for authentication.
secret_kv_name={value} Required when vault_type is selected as HashiCorp String The secret name that stores key-value pairs.
secret_kv_key={value} Required when vault_type is selected as HashiCorp Integer The key name for identifying a specific key-value pair.
authorization_name=
{value}
Required when vault_type is selected as Wallix String The name of the authorization that enables secret retrieval from a group of targets.
target_name={value} Required when vault_type is selected as Wallix String Specify the name of the target device using one of these formats:

user@global_WABdomain

user@local_WABdomain@device

where user is the user with access to the target, global_WABdomain is a domain name in a domain controller, local_WABdomain is a local domain, device is the device you want to scan

Use one or more variables in the target name to match
several targets that use the same naming convention.
${ip} - The IP address of the target, i.e. 10.20.30.40.
${ip_dash} - The IP with dashes, i.e. 10-20-30-40.
${dnshost} - DNS hostname of the target, i.e. host.domain.
${host} - Hostname of the target, i.e. host before .domain.
${nbhost} - (Windows only) The NetBIOS name of the
target in upper-case, i.e. HOST_ABC.

For example, the target name
user@local_WABdomain@${ip} will match these 3 devices:
10.50.60.70, 10.50.60.88 and 10.30.10.12.

The above input parameters are mandatory when updating the authentication record for HashiCorp or Wallix authentication vaults details only.

Sample - Update DataStax Record for HashiCorp Authentication VaultsSample - Update DataStax Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321422&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/datastax/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321422</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update OLVM Record for HashiCorp and Wallix Authentication VaultsSample - Update OLVM Record for HashiCorp and Wallix Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321432&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/olvm/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321432</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update NSX Record for HashiCorp Authentication VaultsSample - Update NSX Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321402&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/nsx/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321402</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update Cisco APIC Record for HashiCorp Authentication VaultsSample - Update Cisco APIC Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321442&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/cisco_apic/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321442</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update Cassandra Record for HashiCorp Authentication VaultsSample - Update Cassandra Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321462&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/cassandra/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321462</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update Infloblox Record for HashiCorp Authentication VaultsSample - Update Infloblox Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321452&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/infoblox/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321452</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update Infloblox Record for Wallix Authentication VaultsSample - Update Infloblox Record for Wallix Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9352408&title=john_info&add_ips=1.1.1.14&authorization_name=123&login_type=vault&vault_type=Wallix AdminBastion (WAB)&target_name=user@local_WABdomain@device"  "<qualys_base_url>/api/3.0/fo/auth/infoblox/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321432</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update OLVM Record for HashiCorp Authentication VaultsSample - Update OLVM Record for HashiCorp Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9321432&title=john_dt&add_ips=1.1.1.14&login_type=vault&secret_kv_name=secret&secret_kv_key=secret&vault_type=HashiCorp""<qualys_base_url>/api/3.0/fo/auth/olvm/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321432</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Sample - Update OLVM Record for Wallix Authentication VaultsSample - Update OLVM Record for Wallix Authentication Vaults

API  Request

curl -s -S -H 'X-Requested-With:curl demo2' -u "<username>:<password>" -d "action=update&ids=9352408&title=john_info&add_ips=1.1.1.14&authorization_name=123&login_type=vault&vault_type=Wallix AdminBastion (WAB)&target_name=user@local_WABdomain@device" "<qualys_base_url>/api/3.0/fo/auth/olvm/"

API Response

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/3.0/batch_return.dtd">
    <BATCH_RETURN>
        <RESPONSE>
            <DATETIME>2026-07-01T06:08:33Z</DATETIME>
            <BATCH_LIST>
                <BATCH>
                    <TEXT>Successfully Updated</TEXT>
                    <ID_SET>
                        <ID>9321432</ID>
                    </ID_SET>
                </BATCH>
            </BATCH_LIST>
        </RESPONSE>
    </BATCH_RETURN>

Issues Addressed

The following reported and notable customer issues are fixed in this release:

Component/Category Description
PA - API When the user updated authentication records for Cisco APIC, using HashiCorp vault, they observed that the authentication record type was getting incorrectly converted to basic. Relevant code changes have been made to fix the issue.