Laura Seletos

Discussion: Non-expiring API Account in Qualys

Discussion created by Laura Seletos on Sep 4, 2018
Latest reply on Jun 12, 2019 by derekv

Discussion: How to set up a non-expiring API Account in Qualys.


Problem: Setting up the password expiration policy within Qualys is a subscription level configuration setting. This has been an issue for some of my clients who would like to manage their API accounts within Qualys differently than the normal user accounts.


      Note: The password expiration policy is located under Users > Setup > Security > Advanced password security settings. These settings will apply to all user accounts in the subscription.


Solution: A workaround for this request is to integrate your company's SSO (SAML) with Qualys for user accounts and not API accounts. Then modify the Qualys password expiration policy so the API account has a different expiration policy than the SSO managed accounts. To set up SSO for your subscription, follow this tutorial: SAML Frequently Asked Questions (FAQ) 


      Note: Qualys supports SAML 2.0 for Single Sign-On. Qualys does not support SAML 1.0.


Please post below or reach out directly if you have any questions!