Policy Audit Release 1.12 API
Table of Contents
A new release of Qualys Policy Audit (PA Release 1.12), which is released in June 2026, includes updates to an existing API. This API notification highlights recently released changes, enabling you to identify use cases that can benefit from the updated APIs.
What’s New?
Support for One Identity Safeguard Vault Across all Authentication Record APIs
We now support integration with One Identity Safeguard vault for authenticated scanning. You can now create One Identity Safeguard vaults and use them in authentication technologies.
Previously, users were required to manage their username and password credentials for authenticated scans. Users with One Identity Safeguard were unable to leverage their existing vault infrastructure to securely manage scanning credentials.
For making this change, the following APIs are impacted:
- Vaults API – GET and POST – /api/3.0/fo/vault/
- Authentication Technology APIs – GET and POST – /api/3.0/fo/auth/, /api/4.0/fo/auth/mysql/, and /api/4.0/fo/auth/sybase/
Compliance Framework Reports APIs
We are introducing new Compliance Framework Reports APIs. These APIs help in providing the required data and for managing compliance framework reports. The following are the list of APIs:
- Get Preferred Framework List – GET – /pcrs/1.0/mandate/list
- Get Policies List – GET – /pcrs/1.0/policy/list
- Get Asset Groups List – GET – /pcrs/1.0/assetGroup/list
- Get Asset Tags List – GET – /pcrs/1.0/assetTag/list
- Get Asset Sources List – GET – /pcrs/1.0/mandate/report/sources
- Create Compliance Framework Report – POST – /pcrs/1.0/mandate/report
- Get Report Generation Status – GET – /pcrs/1.0/mandate/report/status
- Download Compliance Framework Report – GET – /pcrs/1.0/mandate/report/download/html
List Policies API: View Response Progress Updates
GET /api/4.0/fo/compliance/policy/?action=list
The List Policies API now provides progress updates in the response, showing the number of policy asset tags processed out of the total asset tags being retrieved.
For policies with asset tags, if the API response takes longer to generate, a progress message is displayed every 15 seconds indicating the current processing status until all are retrieved.
Use Asset Tags and Tag Rules Across all Authentication Record APIs
GET and POST /api/3.0/fo/auth/
You can now use asset tags and tag based rules across all authentication record APIs, enabling consistent scoping of authentication records beyond Unix and Windows authentication types.
This enhancement is implemented across multiple API versions. This update introduces tag driven scoping across a broader set of authentication technologies. You can now use tag based scoping for authentication records to the following technologies:
- Infoblox
- Apache web server
- BIND
- Docker
- IBM WebSphere App Sever
- Kubernetes
- MS Exchange Server
- MS IIS
- MS SharePoint
- NGINX
- Oracle HTTP Server
- Azure MS SQL
- InformixDB
- MS SQL
- Neo4j
- Pivotal Greenplum
- PostgreSQL
- SAP HANA
- SAP IQ
- OLVM
- MariaDB
For more details, please refer to the detailed release notes here, https://docs.qualys.com/en/vm/release-notes/mergedProjects/qualys_pa/pa/release_1_12_api.htm