Per the permissions chart below:
A reader should be able to launch reports. In fact, you can even designate specific report templates to people otuside of their permission scope, which I have tried. However, with an API account set to reader:
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://qualysguard.qualys.com/api/2.0/fo/report/
Changing that account to Manager permissions results in a successful call. Thoughts?