Creates a new authentication record.
Permissions required - User must have WAS module enabled. User account must have these permissions: Access Permission “API Access” and Asset Management Permission “Create Authentication Record”. The output includes authentication records in the user's scope.
These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND.
Parameter | Mandatory/Optional | Data Type | Description |
---|---|---|---|
name | Optional | text | Authentication record name. |
WebAppAuthRecord | Optional | text | Details associated with the web application authentication record. The OAuth2 parameters are described after this table. |
tags | Optional | text | Tag associated with the authentication record. |
comments | Optional | text | User-defined comments. |

Use these parameters to create an OAuth2 authentication record:

WebAppAuthRecord.oauth2Record.grantType - (text) (Required if authentication type is OAuth2) Valid values are: NONE, AUTH_CODE, IMPLICIT, PASSWORD, and CLIENT_CREDS. NONE means no grant type is selected.

These are the fields we support for each grant type:

1) AUTH_CODE - We support these fields for Authorization Code: 1) seleniumScript, 2) redirectUrl, 3) accessTokenUrl, 4) clientId (optional), 5) clientSecret (optional), 6) scope (optional), and 7) accessTokenExpiredMsgPattern (optional)
Note: Selenium script is mandatory for Authorization Code. We support parametrized username and password in the selenium script. See “Create a Selenium script to parameterize username and password” in the WAS API guide.
2) IMPLICIT - We support these fields for Implicit: 1) seleniumScript, and 2) redirectUrl
Note: Selenium script is mandatory for Implicit. We support parametrized username and password in the selenium script. See “Create a Selenium script to parameterize username and password” in the WAS API guide.
3) PASSWORD - We support these fields for Resource Owner Password Credentials: 1) accessTokenUrl, 2) username, 3) password, 4) clientId (optional), 5) clientSecret (optional), 6) scope (optional), and 7) accessTokenExpiredMsgPattern (optional)
4) CLIENT_CREDS - We support these fields for Client Credentials: 1) accessTokenUrl, 2) clientId (optional), 3) clientSecret (optional), and 4) scope (optional)

Note: When creating an authentication record, you can specify either a Form record (used for web application authentication) or an OAuth2 record (used for the Swagger/Open API file authentication) in the request.
While updating an authentication record:
- Send the Form record with type as NONE if you want to set an OAuth2 record instead of a form record.
- Send OAuth2 with grant type as NONE if you want to set a Form record instead of an OAuth2 record.
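The grant-type rules above can be checked before a request is sent. The following is an added example, not code from the WAS API guide: the names `RULES`, `check_oauth2_fields` and `build_oauth2_request` are hypothetical, fields the table does not mark "(optional)" are assumed to be required, and `seleniumCreds`, `username` and `password` are accepted for the Selenium-based grant types because the Implicit sample on this page sends them.

```python
import xml.etree.ElementTree as ET

# Accepted alongside a Selenium script, as in the Implicit sample on this page.
SELENIUM_EXTRAS = {"seleniumCreds", "username", "password"}
TOKEN_OPTIONS = {"clientId", "clientSecret", "scope", "accessTokenExpiredMsgPattern"}

# grantType -> (required fields, optional fields), transcribed from the table.
# Assumption: a field not marked "(optional)" is required.
RULES = {
    "NONE": (set(), set()),
    "AUTH_CODE": ({"seleniumScript", "redirectUrl", "accessTokenUrl"},
                  TOKEN_OPTIONS | SELENIUM_EXTRAS),
    "IMPLICIT": ({"seleniumScript", "redirectUrl"}, SELENIUM_EXTRAS),
    "PASSWORD": ({"accessTokenUrl", "username", "password"}, TOKEN_OPTIONS),
    "CLIENT_CREDS": ({"accessTokenUrl"}, {"clientId", "clientSecret", "scope"}),
}

def check_oauth2_fields(grant_type, fields):
    """Return a list of problems; an empty list means the fields fit the table."""
    if grant_type not in RULES:
        return [f"unknown grantType {grant_type!r}"]
    required, optional = RULES[grant_type]
    given = {key for key, value in fields.items() if value not in (None, "")}
    problems = [f"missing {name}" for name in sorted(required - given)]
    problems += [f"{name} not supported for {grant_type}"
                 for name in sorted(given - required - optional)]
    return problems

def build_oauth2_request(record_name, grant_type, fields):
    """Build the ServiceRequest XML, refusing field sets the table does not allow."""
    problems = check_oauth2_fields(grant_type, fields)
    if problems:
        raise ValueError("; ".join(problems))
    root = ET.Element("ServiceRequest")
    record = ET.SubElement(ET.SubElement(root, "data"), "WebAppAuthRecord")
    ET.SubElement(record, "name").text = record_name
    oauth2 = ET.SubElement(record, "oauth2Record")
    ET.SubElement(oauth2, "grantType").text = grant_type
    for key, value in fields.items():
        if value in (None, ""):
            continue
        if key == "seleniumScript":
            # value is a dict with the three parts used in the samples on this page
            script = ET.SubElement(oauth2, "seleniumScript")
            for part in ("name", "data", "regex"):
                ET.SubElement(script, part).text = value[part]
        else:
            # ElementTree escapes the text, which is equivalent to CDATA
            ET.SubElement(oauth2, key).text = str(value)
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    # Constructed values, matching the Client Credentials sample on this page
    print(build_oauth2_request(
        "GrantType-Client-credentials-SPP", "CLIENT_CREDS",
        {"accessTokenUrl": "http://www.authTokenUrl.com",
         "clientId": "clientIdVal", "clientSecret": "clientSecretVal",
         "scope": "scope"}))
```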
Let us create a new web application called “My Web Application” with the starting URL “http://mywebapp.com”. The default web application settings are assigned automatically.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[STANDARD auth]]>
</name>
<formRecord>
<type>STANDARD</type>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthFormRecordField>
<name>username</name>
<value>john</value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<name>password</name>
<value>secret</value>
</WebAppAuthFormRecordField>
</set>
</fields>
</formRecord>
<tags>
<set>
<Tag>
<id>152743</id>
</Tag>
</set>
</tags>
<comments>
<set>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
</Comment>
</set>
</comments>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML Response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>80149</id>
<name>
<![CDATA[STANDARD auth]]>
</name>
<owner>
<id>45941</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</owner>
<formRecord>
<type>STANDARD</type>
<sslOnly>true</sslOnly>
<fields>
<count>2</count>
<list>
<WebAppAuthFormRecordField>
<id>835050</id>
<name>
<![CDATA[username]]>
</name>
<value>
<![CDATA[john]]>
</value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<id>835051</id>
<name>
<![CDATA[username]]>
</name>
<value>
<![CDATA[jim]]>
</value>
</WebAppAuthFormRecordField>
</list>
</fields>
</formRecord>
<tags>
<count>1</count>
<list>
<Tag>
<id>152743</id>
<name>
<![CDATA[Asset Groups]]>
</name>
</Tag>
</list>
</tags>
<comments>
<count>1</count>
<list>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
<createdDate>2017-10-18T18:18:01Z</createdDate>
</Comment>
</list>
</comments>
<createdDate>2017-10-18T18:18:01Z</createdDate>
<createdBy>
<id>45941</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</createdBy>
<updatedDate>2017-10-18T18:18:01Z</updatedDate>
<updatedBy>
<id>45941</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
</WebAppAuthRecord>
</data>
</ServiceResponse>
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[CUSTOM auth]]>
</name>
<formRecord>
<type>CUSTOM</type>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthFormRecordField>
<name>some username</name>
<value>Login</value>
<secured>false</secured>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<name>some password with true</name>
<value>real password</value>
<secured>true</secured>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<name>not password with false</name>
<secured>false</secured>
<value>fake password</value>
</WebAppAuthFormRecordField>
</set>
</fields>
</formRecord>
<comments>
<set>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
</Comment>
</set>
</comments>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML Response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>685133</id>
<name>
<![CDATA[CUSTOM auth]]>
</name>
<owner>
<id>75913465</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</owner>
<formRecord>
<type>CUSTOM</type>
<sslOnly>true</sslOnly>
<fields>
<count>3</count>
<list>
<WebAppAuthFormRecordField>
<id>692981</id>
<name>
<![CDATA[not password with false]]>
</name>
<secured>false</secured>
<value>
<![CDATA[fake password]]>
</value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<id>692982</id>
<name>
<![CDATA[some password with true]]>
</name>
<secured>true</secured>
<value>
<![CDATA[*****]]>
</value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<id>692983</id>
<name>
<![CDATA[some username]]>
</name>
<secured>false</secured>
<value>
<![CDATA[Login]]>
</value>
</WebAppAuthFormRecordField>
</list>
</fields>
</formRecord>
<tags>
<count>0</count>
</tags>
<comments>
<count>1</count>
<list>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
<createdDate>2018-11-21T09:25:00Z</createdDate>
</Comment>
</list>
</comments>
<createdDate>2018-11-21T09:25:00Z</createdDate>
<createdBy>
<id>75913465</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</createdBy>
<updatedDate>2018-11-21T09:25:00Z</updatedDate>
<updatedBy>
<id>75913465</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
</WebAppAuthRecord>
</data>
</ServiceResponse>
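In the CUSTOM response above, the field created with `<secured>true</secured>` comes back as `*****`, while the two fields created with `<secured>false</secured>` are returned in clear text. The following added example (not part of the WAS API guide) audits a response for fields that were left readable; the function name, the name heuristic and the trimmed sample response are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Heuristic (assumption): field names that suggest a credential.
SENSITIVE_NAME = re.compile(r"pass|secret|token", re.I)
# A masked value consists only of asterisks, like the ***** shown above.
MASKED = re.compile(r"\*+")

def audit_secured_fields(response_xml):
    """Return (record id, field name, finding) tuples for a ServiceResponse."""
    findings = []
    for record in ET.fromstring(response_xml).iter("WebAppAuthRecord"):
        record_id = record.findtext("id")
        for field in record.iter("WebAppAuthFormRecordField"):
            flag = field.findtext("secured")
            if flag is None:
                # The STANDARD sample on this page carries no <secured> element.
                continue
            name = (field.findtext("name") or "").strip()
            value = (field.findtext("value") or "").strip()
            if flag.strip().lower() == "true":
                if not MASKED.fullmatch(value):
                    findings.append((record_id, name, "secured field not masked"))
            elif SENSITIVE_NAME.search(name):
                findings.append((record_id, name, "secured=false, value readable"))
    return findings

# Constructed sample: a trimmed copy of the CUSTOM response shown above.
SAMPLE_RESPONSE = """<ServiceResponse>
<responseCode>SUCCESS</responseCode>
<data><WebAppAuthRecord>
<id>685133</id>
<formRecord><type>CUSTOM</type><fields><list>
<WebAppAuthFormRecordField>
<name><![CDATA[not password with false]]></name>
<secured>false</secured>
<value><![CDATA[fake password]]></value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<name><![CDATA[some password with true]]></name>
<secured>true</secured>
<value><![CDATA[*****]]></value>
</WebAppAuthFormRecordField>
<WebAppAuthFormRecordField>
<name><![CDATA[some username]]></name>
<secured>false</secured>
<value><![CDATA[Login]]></value>
</WebAppAuthFormRecordField>
</list></fields></formRecord>
</WebAppAuthRecord></data>
</ServiceResponse>"""

if __name__ == "__main__":
    for finding in audit_secured_fields(SAMPLE_RESPONSE):
        print(finding)
```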
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<?xml version="1.0" encoding="UTF-8"?>
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[From API - Selenium]]>
</name>
<formRecord>
<type>SELENIUM</type>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head profile="http://selenium-ide.openqa.org/profiles/test-case">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="https://community.qualys.com/" />
<title>seleniumScriptOK</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">seleniumScriptOK</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>https://community.qualys.com/index.jspa</td>
<td></td>
</tr>
<tr>
<td>clickAndWait</td>
<td>css=#qc-homepage-cafe > span.qc-homepage-header-item-title</td>
<td></td>
</tr>
<tr>
<td>clickAndWait</td>
<td>link=Introduction to Qualys Mapping</td>
<td></td>
</tr>
</tbody>
</table>
</body></html>]]>
</data>
<regex>
<![CDATA[selenium]]>
</regex>
</seleniumScript>
</formRecord>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML Response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>307757</id>
<name>
<![CDATA[From API - Selenium]]>
</name>
<owner>
<id>4354</id>
<username>user_alice</username>
<firstName>
<![CDATA[Alice]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</owner>
<formRecord>
<type>SELENIUM</type>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head profile="http://selenium-ide.openqa.org/profiles/test-case">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="https://community.qualys.com/" />
<title>seleniumScriptOK</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">seleniumScriptOK</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>https://community.qualys.com/index.jspa</td>
<td></td>
</tr>
<tr>
<td>clickAndWait</td>
<td>css=#qc-homepage-cafe > span.qc-homepage-header-item-title</td>
<td></td>
</tr>
<tr>
<td>clickAndWait</td>
<td>link=Introduction to Qualys Mapping</td>
<td></td>
</tr>
</tbody>
</table>
</body></html>]]>
</data>
<regex>
<![CDATA[selenium]]>
</regex>
</seleniumScript>
</formRecord>
<tags>
<count>0</count>
</tags>
<comments>
<count>0</count>
</comments>
<createdDate>2017-05-06T16:23:43Z</createdDate>
<createdBy>
<id>4354</id>
<username>user_alex</username>
<firstName>
<![CDATA[Alice]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</createdBy>
<updatedDate>2017-05-06T16:23:43Z</updatedDate>
<updatedBy>
<id>4354</id>
<username>user_alex</username>
<firstName>
<![CDATA[Alice]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
</WebAppAuthRecord>
</data>
</ServiceResponse>
When using a Selenium script for authentication, you have the option to parameterize the username and password. Add these 2 parameters inside the Selenium script: @@authusername@@ for the username and @@authpassword@@ for the password. Specify the username and password in the authentication record; during the scan, we will replace @@authusername@@ and @@authpassword@@ with this username and password. The parameter names are case insensitive.
The advantage of using the parameters in the script is that you can change the login credentials without modifying your Selenium script.
To use the parameters inside the Selenium script, you need to set “seleniumCreds” to “true” in the authentication record. If you set the parameter to “false”, then adding the placeholders in the script will return an error.
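A request can be linted for these rules before it is posted. This is an added example, not code from the WAS API guide: it reports placeholders used without `seleniumCreds` set to true and values typed literally into a password field; the function names and the sample request are constructed, and an absent `<seleniumCreds>` element is assumed to behave like "false".

```python
import re
import xml.etree.ElementTree as ET

# Placeholder names are case insensitive, per the text above.
TOKEN = re.compile(r"@@auth(?:username|password)@@", re.I)
# One Selenium IDE table row: command, target, value.
ROW = re.compile(
    r"<tr>\s*<td>(.*?)</td>\s*<td>(.*?)</td>\s*<td>(.*?)</td>\s*</tr>", re.S)

def lint_selenium_record(request_xml):
    """Return problems for every element that carries a <seleniumScript>."""
    problems = []
    for parent in ET.fromstring(request_xml).iter():
        script = parent.find("seleniumScript")
        if script is None:
            continue
        # Assumption: a missing <seleniumCreds> is treated like "false".
        creds = (parent.findtext("seleniumCreds") or "").strip().lower() == "true"
        data = script.findtext("data") or ""
        if TOKEN.search(data) and not creds:
            problems.append("placeholders present but seleniumCreds is not true")
        for command, target, value in ROW.findall(data):
            value = value.strip()
            if (command.strip() == "type" and "pass" in target.lower()
                    and value and not TOKEN.fullmatch(value)):
                problems.append("hard-coded value typed into " + target.strip())
    return problems

# Constructed sample request, modelled on the Selenium samples on this page.
SAMPLE = """<ServiceRequest><data><WebAppAuthRecord>
<name><![CDATA[From API - Selenium]]></name>
<formRecord>
<type>SELENIUM</type>
<seleniumCreds>__CREDS__</seleniumCreds>
<seleniumScript>
<name><![CDATA[seleniumScriptOK]]></name>
<data><![CDATA[<html><body><table><tbody>
<tr><td>open</td><td>http://10.10.31.25/login_2/index.php</td><td></td></tr>
<tr><td>type</td><td>name=username</td><td>@@authusername@@</td></tr>
<tr><td>type</td><td>name=password</td><td>__PASSWORD_CELL__</td></tr>
</tbody></table></body></html>]]></data>
<regex><![CDATA[selenium]]></regex>
</seleniumScript>
</formRecord>
</WebAppAuthRecord></data></ServiceRequest>"""

def sample(creds, password_cell):
    """Fill the constructed template with a seleniumCreds flag and a value cell."""
    return (SAMPLE.replace("__CREDS__", creds)
                  .replace("__PASSWORD_CELL__", password_cell))

if __name__ == "__main__":
    print(lint_selenium_record(sample("true", "@@authpassword@@")))
    print(lint_selenium_record(sample("false", "@@AuthPassword@@")))
    print(lint_selenium_record(sample("true", "constructed-password")))
```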
Let us create an authentication record of type Selenium script and add @@authusername@@ and @@authpassword@@ inside the selenium script and set the parameter “seleniumCreds” to "true".
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<?xml version="1.0" encoding="UTF-8"?>
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[From API - Selenium]]>
</name>
<formRecord>
<type>SELENIUM</type>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="http://10.10.31.25/" />
<title>seleauth</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">Untitled Test Case</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>http://10.10.31.25/login_2/index.php</td>
<td></td>
</tr>
<tr>
<td>type</td>
<td>name=username</td>
<td>@@authusername@@</td>
</tr>
<tr>
<td>type</td>
<td>name=password</td>
<td>@@authpassword@@</td>
</tr>
<tr>
<td>click</td>
<td>css=input[type="submit"]</td>
<td></td>
</tr>
</tbody>
</table>
</body>
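</html>]]>
</data>
</seleniumScript>
<seleniumCreds>true</seleniumCreds>
</formRecord>
</WebAppAuthRecord>
</data>
</ServiceRequest>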
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>804942</id>
<name>
<![CDATA[From API - Selenium]]>
</name>
<owner>
<id>5759808</id>
<username>joe_user</username>
<firstName>
<![CDATA[joe]]>
</firstName>
<lastName>
<![CDATA[user]]>
</lastName>
</owner>
<formRecord>
<type>SELENIUM</type>
<authVault>false</authVault>
<seleniumCreds>true</seleniumCreds>
<seleniumScript>
<name>
<![CDATA[
seleniumScriptOK
]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" />
<link rel="selenium.base" href="http://10.10.31.25/"
/>
<title>seleauth</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">Untitled
Test Case</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>http://10.10.31.25/login_2/index.php</td>
<td></td>
</tr>
<tr>
<td>type</td>
<td>name=username</td>
<td>@@authusername@@</td>
</tr>
<tr>
<td>type</td>
<td>name=password</td>
<td>@@authpassword@@</td>
</tr>
<tr>
<td>click</td>
<td>css=input[type="submit"]</td>
<td></td>
</tr>
</tbody>
</table>
</body>
</html>
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[server auth]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<certificate>
<name>
<![CDATA[My Certificate]]>
</name>
<contents>
<![CDATA[-----BEGIN CERTIFICATE-----
MIIC4jCCAkugAwIBAgIJAPU+Kw6GX2aMMA0GCSqGSIb3DQEBBQUAMIGJMQswCQYD
VQQGEwJGUjEPMA0GA1UECAwGRnJhbmNlMREwDwYDVQQHDAhUb3Vsb3VzZTEPMA0G
A1UECgwGUXVhbHlzMRUwEwYDVQQLDAxRdWFseXMgVGVjaC4xDTALBgNVBAMMBE5p
Y28xHzAdBgkqhkiG9w0BCQEWEG5iaXplQHF1YWx5cy5jb20wHhcNMTExMDA1MjIx
...
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC4SiB/HaNxQtwQUtot867MxTP1PqAQh7VyHIdBs037eafpd8B6
apHhih0Jw0zr2RzcWniUUhhpvwL4apG470/RzkIKSNu4h9akHqA5b0Pe0ZasrE7B
MxUZWNf9dfrY+JXQmdaPce0i4w4zZR+PabXDy5Mg9ONEUKS3AONCHk7acwIDAQAB
AoGAMHwAFLFdgLzQXNMPZ6uGv4TaaJkzT2YEzKLIyvY7e//Dt160GwDSpH3Lqffh
...
-----END RSA PRIVATE KEY-----]]>
</contents>
<passphrase>My Certificate</passphrase>
</certificate>
</serverRecord>
<comments>
<set>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
</Comment>
</set>
</comments>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML Response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>685134</id>
<name>
<![CDATA[server auth]]>
</name>
<owner>
<id>75913465</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</owner>
<serverRecord>
<sslOnly>true</sslOnly>
<certificate>
<name>
<![CDATA[My Certificate]]>
</name>
<contents>
<![CDATA[-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
]]>
</contents>
</certificate>
<fields>
<count>0</count>
</fields>
</serverRecord>
<tags>
<count>0</count>
</tags>
<comments>
<count>1</count>
<list>
<Comment>
<contents>
<![CDATA[some comments]]>
</contents>
<createdDate>2018-11-21T09:41:59Z</createdDate>
</Comment>
</list>
</comments>
<createdDate>2018-11-21T09:41:59Z</createdDate>
<createdBy>
<id>75913465</id>
<username>user_john</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</createdBy>
<updatedDate>2018-11-21T09:41:59Z</updatedDate>
<updatedBy>
<id>75913465</id>
<username>username</username>
<firstName>
<![CDATA[John]]>
</firstName>
<lastName>
<![CDATA[Smith]]>
</lastName>
</updatedBy>
</WebAppAuthRecord>
</data>
</ServiceResponse>
API request
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[GrantType-Client-credentials-SPP]]>
</name>
<oauth2Record>
<grantType>CLIENT_CREDS</grantType>
<accessTokenUrl>http://www.authTokenUrl.com
</accessTokenUrl>
<clientId>clientIdVal</clientId>
<clientSecret>clientSecretVal</clientSecret>
<scope>scope</scope>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
Let us create an OAuth2 authentication record with grant type Implicit that requires selenium script.
API request
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/create/was/webappauthrecord" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[OAuth2 and Server Auth Record]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<oauth2Record>
<grantType>IMPLICIT</grantType>
<redirectUrl>http://www.redirectUrl.com</redirectUrl>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="http://10.10.31.25/" />
<title>seleauth</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">Untitled Test Case</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>http://10.10.31.25/login_2/index.php</td>
<td></td>
</tr>
<tr>
<td>type</td>
<td>name=username</td>
<td>@@authusername@@</td>
</tr>
<tr>
<td>type</td>
<td>name=password</td>
<td>@@authpassword@@</td>
</tr>
<tr>
<td>click</td>
<td>css=input[type="submit"]</td>
<td></td>
</tr>
</tbody>
</table>
</body></html>]]>
</data>
<regex>
<![CDATA[selenium]]>
</regex>
</seleniumScript>
<seleniumCreds>true</seleniumCreds>
<username>uname</username>
<password>pwd</password>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
<platform API server>/qps/xsd/3.0/was/webappauthrecord.xsd