Qualys Cloud Platform 1.36 (CS) API Notification 1

Prabhas Gupte
Prabhas Gupte
- 2 min read

Table of Contents

A new release of Qualys Cloud Platform 1.36 (CS) includes updated APIs, which is targeted for release in February 2025. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the upcoming API changes, allowing you to identify use cases that can leverage these updated APIs.

What’s New?

With this release, Container Security has introduced new rules and rule types for Admission Controller and CI/CD Policies. Along with this, Container Security now supports OAuth and OpenID Connect Authentication Standards. The Container Security APIs are updated accordingly.

Update in Admission Controller and CI/CD Policies

In this release, Container Security has introduced some new rules and rule types in the Admission Controller and CI/CD Policies. The following APIs are updated for both Admission Controller Policy and CI/CD Policy.

Updated API: Show Details of a Centralized Policy

GET /csapi/v1.3/centralizedPolicy/{policyId}

DTD or XSD changes: No

Updated API: Create a Centralized Policy

POST /csapi/v1.3/centralizedPolicy

DTD or XSD changes: No

Updated API: Update a Centralized Policy

PUT /csapi/v1.3/centralizedPolicy/{policyId}

DTD or XSD changes: No

Updated API: Activate or Deactivate a Centralized Policy

PUT /csapi/v1.3/centralizedPolicy/{policyId}/mode

DTD or XSD changes: No

Support for OAuth 2.0 and OpenID Connect Authentication Standards

With this release, we have upgraded our API security by incorporating OAuth 2.0 and OpenID Connect for authentication and authorization processes. A standardized authentication and authorization procedure accessing the APIs is now available. Our system now ensures a smooth integration with previously established authentication infrastructures.

The integrated support for OAuth 2.0 and OpenID Connect, which enhances authentication and authorization measures. Our implementation adheres strictly to prevailing industry security standards and best practices. The platform now accommodates a variety of OAuth 2.0 grant types, including authorization code and client credentials, among others. Additionally, compatibility with current identity providers and authentication systems has been ensured, facilitating a seamless integration experience.

For more details, please refer the release note here: https://docs.qualys.com/en/cs/release-notes/container_security/release_1_36_api.htm

Share your Comments

Comments

Your email address will not be published. Required fields are marked *