I'm trying to automate the downloading of WAS scan reports using the WAS API. When I run the count/was/report api, the count that is returned is zero. The manual says the "Count includes reports within the user’s scope". The api user account is not used to create scan configurations or run scans. We have a bunch of users that do this. But the api users does have visibility into the WAS configurations (i.e. I can get details using search/was/webapp) and the vulnerabilities detected in the scans (i.e. using search/was/finding).
So does 'user's scope' refer to scan reports created by a user? Or do i need to change something with the api user's access?
I would like to be able to download reports run by other people....