Update Authentication Record
Update an authentication record that is in the user’s scope.
Permissions required: User must have WAS module enabled. The user account must have these permissions:
- Access Permission: API Access
The output includes authentication records in the user's scope.
Input ParametersInput Parameters
The element “id” (integer) is required, where “id” identifies an authentication record.
Sample - Update authentication record settingsSample - Update authentication record settings
Let us update the settings for authentication record ID 82605.
API request:
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/update/was/webappauthrecord/82605" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[Form and Server Auth]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<formRecord>
<type>STANDARD</type>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthFormRecordField>
<name>username</name>
<value>Login</value>
</WebAppAuthFormRecordField>
</set>
</fields>
</formRecord>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>82605</id>
</WebAppAuthRecord>
</data>
</ServiceResponse>
Sample: Update a Form authentication record to OAuth2 recordSample: Update a Form authentication record to OAuth2 record
Let us update a form authentication record to set the OAuth2 record with the Client Credentials grant type. If you want to set an OAuth2 record instead of a form record, then set the form record with the type as NONE.
API request:
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml"-X "POST" -- data-binary @-
"<qualys_base_url>/rest/3.0/update/was/webappauthrecord/82609" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[My Oauth Record]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<formRecord>
<type>NONE</type>
</formRecord>
<oauth2Record>
<grantType>CLIENT_CREDS</grantType>
<accessTokenUrl>http://www.authTokenUrl.com
</accessTokenUrl>
<clientId>clientIdVal</clientId>
<clientSecret>clientSecretVal</clientSecret>
<scope>scope</scope>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?> <ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd"> <responseCode>SUCCESS</responseCode> <count>1</count> <data> <WebAppAuthRecord> <id>82609</id> </WebAppAuthRecord> </data> </ServiceResponse>
Sample: Update a Form authentication record to OAuth2 record with selenium scriptSample: Update a Form authentication record to OAuth2 record with selenium script
Let us update a form authentication record to set OAuth2 record with grant type Implicit that requires selenium script. If you want to set an OAuth2 record instead of a form record, then set the form record with type as NONE.
API request:
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml"-X "POST" -- data-binary @-
"<qualys_base_url>/rest/3.0/update/was/webappauthrecord/82622" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data:
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[OAuth2 and Server Auth Record]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<oauth2Record>
<grantType>IMPLICIT</grantType>
<redirectUrl>http://www.redirectUrl.com</redirectUrl>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-
strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="http://10.10.31.25/" />
<title>seleauth</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">Untitled Test Case</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>http://10.10.31.25/login_2/index.php</td>
<td></td>
</tr>
<tr>
<td>type</td>
<td>name=username</td>
<td>@@authusername@@</td>
</tr>
<tr>
<td>type</td>
<td>name=password</td>
<td>@@authpassword@@</td>
</tr>
<tr>
<td>click</td>
<td>css=input[type="submit"]</td>
<td></td>
</tr>
</tbody>
</table>
</body></html>]]>
</data>
<regex>
<![CDATA[selenium]]>
</regex>
</seleniumScript>
<seleniumCreds>true</seleniumCreds>
<username>uname</username>
<password>pwd</password>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response:
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>82622</id>
</WebAppAuthRecord>
</data>
</ServiceResponse>
XSD
<platform API server>/qps/xsd/3.0/was/webappauthrecord.xsd