This help is intended for application developers who use the Qualys VMDR OT API.
Learn the basics about making API requests. The base URL depends on the platform where your Qualys account is located. The Qualys VMDR OT API uses the following framework:
The URL for making API requests respects the following structure:
https://<baseurl>/<module>/<object>/<object_id>/<operation>
Refer to the following table for the field description.
| Field | Description |
|---|---|
| <baseurl> | The Qualys API server URL that you should use for API requests depends on the platform where your account is located. The base URL for Qualys US Platform 1 is: https:///gateway.qg1.apps.qualys.com |
| <module> | The API module. For the VMDR OT API, the module is: “ot”. |
| <object> | The module-specific object. |
| <object_id> | (Optional) The module-specific object ID, if appropriate. |
| <operation> | The request operation, such as count. |
The Qualys API URL you should use for API requests depends on the Qualys platform.
Click here to identify your Qualys platform and get the API URL
This documentation uses the API gateway URL for Qualys US Platform 1 (https://gateway.qg1.apps.qualys.com) in sample API requests. If you are on another platform, please replace this URL with the appropriate gateway URL for your account.
Get tips on using the Curl command-line tool to make API requests. Every API request must authenticate using a JSON Web Token (JWT) obtained from the Qualys Authentication API.
You must authenticate to the Qualys Cloud Platform using Qualys account credentials (user name and password) and get the JSON Web Token (JWT) before you can start using the VMDR OT APIs. Use the Qualys Authentication API to get the JWT.
Example Authentication Curl Request:
API Request
curl -X POST
"https://<QualysBaseURL>/auth"
-H "Content-Type: application/x-www-form-urlencoded"
-d "username=value1&password=value2&token=true"
The following table explains the various components of this request:
| QualysBaseURL | It is the base URL for the Qualys API server where your account is located. The base URL for Qualys US Platform 1 is: https:///gateway.qg1.apps.qualys.com |
| value1 and value2 | value1 is the username and value 2 is the password of the user account for which you want to fetch Asset Management data. |
| token | It must be true. |
| Content-Type | It must be application/x-www-form-urlencoded. |
Curl is a multi-platform command-line tool used to transfer data using multiple protocols. This tool is supported on many systems, including Windows, Unix, Linux and Mac. In this document Curl is used in the examples to build Qualys API requests using the HTTP over SSL (https) protocol, which is required.
Want to learn more? Visit https://curl.haxx.se/
The following Curl options are used according to different situations:
The following sample shows a typical Curl request using the options mentioned and how they interact.
Curl Request
curl -X POST
"https://gateway.qg1.apps.qualys.com/auth"
-H "Content-Type: application/x-www-form-urlencoded"
-d "username=john_doe&password=john_doe&token=true"
To make calls using the VMDR OT API, you must have the VMDROT.API.ACCESS permission.
The Qualys API enforces limits on the API calls a customer can make based on their subscription settings. The limits apply to the use of all Qualys APIs except “auth” API (JWT Token Generation API). Default API control settings are provided by the service. Note these settings may be customized per subscription by Qualys Support. The rate count and period are calculated dynamically each time an API call is received. The rate period represents a rolling window when API calls are counted.
Sample Request
curl -X POST
-H "Accept: */*"
-H "Authorization: Bearer <JWT Token>"
-H "Content-Type: application/json"
-i
Subscribe to our API Notifications RSS Feeds for announcements and the latest news.
|
From our Community |