Update an authentication record that is in the user’s scope.
Permissions required - User must have WAS module enabled. The user account must have these permissions: Access Permission “API Access”. The output includes authentication records in the user's scope.
The element “id” (integer) is required, where “id” identifies an authentication record.
Let us update the settings for authentication record ID 82605.
API request
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-
"<qualys_base_url>/qps/rest/3.0/update/was/webappauthrecord/82605" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[Form and Server Auth]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<formRecord>
<type>STANDARD</type>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthFormRecordField>
<name>username</name>
<value>Login</value>
</WebAppAuthFormRecordField>
</set>
</fields>
</formRecord>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>82605</id>
</WebAppAuthRecord>
</data>
</ServiceResponse>
Let us update a form authentication record to set the OAuth2 record with the Client Credentials grant type. If you want to set an OAuth2 record instead of a form record, then set the form record with the type as NONE.
API request
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml"-X "POST" -- data-binary @-
"<qualys_base_url>/rest/3.0/update/was/webappauthrecord/82609" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[My Oauth Record]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<formRecord>
<type>NONE</type>
</formRecord>
<oauth2Record>
<grantType>CLIENT_CREDS</grantType>
<accessTokenUrl>http://www.authTokenUrl.com
</accessTokenUrl>
<clientId>clientIdVal</clientId>
<clientSecret>clientSecretVal</clientSecret>
<scope>scope</scope>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?> <ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd"> <responseCode>SUCCESS</responseCode> <count>1</count> <data> <WebAppAuthRecord> <id>82609</id> </WebAppAuthRecord> </data> </ServiceResponse>
Let us update a form authentication record to set OAuth2 record with grant type Implicit that requires selenium script. If you want to set an OAuth2 record instead of a form record, then set the form record with type as NONE.
API request
curl -n -u "USERNAME:PASSWORD" -H "content-type: text/xml"-X "POST" -- data-binary @-
"<qualys_base_url>/rest/3.0/update/was/webappauthrecord/82622" < file.xml
Note: “file.xml” contains the request POST data.
Request POST data
<ServiceRequest>
<data>
<WebAppAuthRecord>
<name>
<![CDATA[OAuth2 and Server Auth Record]]>
</name>
<serverRecord>
<sslOnly>true</sslOnly>
<fields>
<set>
<WebAppAuthServerRecordField>
<type>DIGEST</type>
<domain>realm</domain>
<username>
<![CDATA[username]]>
</username>
<password>password</password>
</WebAppAuthServerRecordField>
</set>
</fields>
</serverRecord>
<oauth2Record>
<grantType>IMPLICIT</grantType>
<redirectUrl>http://www.redirectUrl.com</redirectUrl>
<seleniumScript>
<name>
<![CDATA[seleniumScriptOK]]>
</name>
<data>
<![CDATA[
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-
strict.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="selenium.base" href="http://10.10.31.25/" />
<title>seleauth</title>
</head>
<body>
<table cellpadding="1" cellspacing="1" border="1">
<thead>
<tr>
<td rowspan="1" colspan="3">Untitled Test Case</td>
</tr>
</thead>
<tbody>
<tr>
<td>open</td>
<td>http://10.10.31.25/login_2/index.php</td>
<td></td>
</tr>
<tr>
<td>type</td>
<td>name=username</td>
<td>@@authusername@@</td>
</tr>
<tr>
<td>type</td>
<td>name=password</td>
<td>@@authpassword@@</td>
</tr>
<tr>
<td>click</td>
<td>css=input[type="submit"]</td>
<td></td>
</tr>
</tbody>
</table>
</body></html>]]>
</data>
<regex>
<![CDATA[selenium]]>
</regex>
</seleniumScript>
<seleniumCreds>true</seleniumCreds>
<username>uname</username>
<password>pwd</password>
</oauth2Record>
</WebAppAuthRecord>
</data>
</ServiceRequest>
XML response
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="<qualys_base_url>/qps/xsd/3.0/was/webappauthrecord.xsd">
<responseCode>SUCCESS</responseCode>
<count>1</count>
<data>
<WebAppAuthRecord>
<id>82622</id>
</WebAppAuthRecord>
</data>
</ServiceResponse>
<platform API server>/qps/xsd/3.0/was/webappauthrecord.xsd