Search Authentication Record

[POST] /qps/rest/3.0/search/was/webappauthrecord

Returns a list of authentication records that are in the user’s scope.

Permissions required - User must have WAS module enabled. The user account must have these permissions: Access Permission “API Access”. The output includes authentication records in the user's scope.

Input ParametersInput Parameters

These elements are optional and act as filters. When multiple elements are specified, parameters are combined using a logical AND. Click here for descriptions of <WebApp> elements.

The special field=attributes attribute for the Criteria element is used to search custom attributes (see sample below).

Click here for available operators

Parameter	Mandatory /Optional	Data Type	Description
id	Optional	integer	Authentication record ID.
name	Optional	text	Authentication record name.
tags	Optional	text	Tag associated with the authentication record.
tags.name	Optional	text	Tag name assigned to the authentication record.
tags.id	Optional	integer	Tag ID assigned to the authentication record.
createdDate	Optional	date	The date when the authentication record was created in WAS, in UTC date/time format.
updatedDate	Optional	date	The date when the authentication record was updated in WAS, in UTC date/time format.
lastScan.date	Optional	date	The date when the web application (associated with the authentication record) was last scanned, in UTC date/time format.
lastScan. authStatus	Optional	keyword	Authentication status reported by the last web application scan: NONE, NOT_USED, SUCCESSFUL, FAILED or PARTIAL
isUsed	Optional	boolean	Indicates whether used by a web application or scan.
contents	Optional	keyword	FORM_STANDARD, FORM_CUSTOM, FORM_SELENIUM, SERVER_BASIC, SERVER_DIGEST, SERVER_NTLM, CERTIFICATE, OAUTH2_AUTH_CODE, OAUTH2_IMPLICIT, OAUTH2_PASSWORD, and OAUTH2_CLIENT_CREDS)

Sample - Search authentication records (no criteria)Sample - Search authentication records (no criteria)

Let us view a list of all authentication records in the user’s scope.

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" "<qualys_base_url>/qps/rest/3.0/search/was/webappauthrecord/"

XML response

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>3</count>
    <hasMoreRecords>false</hasMoreRecords>
    <data>
        <WebAppAuthRecord>
            <id>82605</id>
            <name>
                <![CDATA[Form Only]]>
            </name>
            <owner>
                <id>630926</id>
                <username>username</username>
                <firstName>
                    <![CDATA[John]]>
                </firstName>
                <lastName>
                    <![CDATA[Smith]]>
                </lastName>
            </owner>
            <tags>
                <count>3</count>
            </tags>
            <createdDate>2017-10-24T04:32:14Z</createdDate>
            <updatedDate>2017-10-24T07:45:05Z</updatedDate>
        </WebAppAuthRecord>
        <WebAppAuthRecord>
            <id>82606</id>
      ...
    
        </WebAppAuthRecord>
        <WebAppAuthRecord>
            <id>82607</id>
      ...
    
        </WebAppAuthRecord>
    </data>
</ServiceResponse>s

Sample - Search for a particular authentication recordSample - Search for a particular authentication record

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/search/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.

Request POST data

<ServiceRequest>
    <filters>
        <Criteria field="id" operator="EQUALS">82605</Criteria>
    </filters>
</ServiceRequest>

XML response

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
    <responseCode>SUCCESS</responseCode>
    <count>1</count>
    <hasMoreRecords>false</hasMoreRecords>
    <data>
        <WebAppAuthRecord>
            <id>82605</id>
            <name>
                <![CDATA[Sample auth]]>
            </name>
            <owner>
                <id>75913465</id>
                <username>username</username>
                <firstName>
                    <![CDATA[John]]>
                </firstName>
                <lastName>
                    <![CDATA[Smith]]>
                </lastName>
            </owner>
            <tags>
                <count>0</count>
            </tags>
            <createdDate>2018-11-15T09:30:24Z</createdDate>
            <updatedDate>2018-11-15T09:30:24Z</updatedDate>
        </WebAppAuthRecord>
    </data>
</ServiceResponse>

Sample - Search OAuth2 records with Implicit grant typeSample - Search OAuth2 records with Implicit grant type

Let us search OAuth2 records with Implicit grant type by passing OAUTH2_IMPLICIT keyword in the “contents” parameter.

API request

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "<qualys_base_url>/qps/rest/3.0/search/was/webappauthrecord/" < file.xml
Note: “file.xml” contains the request POST data.

Request POST data

 <ServiceRequest>
    <filters>
        <Criteria field="contents" operator="IN">FORM_CUSTOM,SERVER_DIGEST,
    OAUTH2_IMPLICIT</Criteria>
    </filters>
</ServiceRequest>
<ServiceRequest>
    <filters>
        <Criteria field="contents" operator="EQUALS">OAUTH2_IMPLICIT
    </Criteria>
    </filters>
</ServiceRequest>

XML Respons

XSD

<platform API server>/qps/xsd/3.0/was/webappauthrecord.xsd