User permissions required to manage Qualys users (add, edit, view) are below.
User role |
Permissions |
Manager |
Add and edit all user accounts in the subscription. View all user accounts in subscription, including full user details. |
Administrator |
Add and edit user accounts except Manager and Administrator user. View all user accounts in subscription, including full user details. |
Unit Manager |
Add and edit user accounts to API user’s same business unit. View user accounts for users in their business unit, including full user details. See Unit Manager permissions |
Scanner, Reader, Auditor |
No permissions |
Unit Managers can view full user account details for users in their business unit. Unit Managers may also be able to view partial user account details for users outside of their business unit. This is determined by a subscription level permission set by Managers in the user interface.
If “Restrict view of user information for users outside of business unit” is not selected (the default), then Unit Managers have an unrestricted view and can see partial details about users who are not in their assigned business unit.
When a list users API request is made by a Manager or Unit Manager, the last login date for each user is provided in the XML results. This is the most recent date and time the user logged into the service. For a Manager, the last login date appears for all users in the subscription. For a Unit Manager, the last login date appears for all users in the Unit Manager’s same business unit.