Automated commit 'Merge pull request #1726 from sailpoint/devrel-1525

devrel-1525' by github action: 9913127814
sailpoint-oss · Jul 12, 2024 · 4fde072 · 4fde072
1 parent fd86604
commit 4fde072
Show file tree

Hide file tree

Showing 7 changed files with 49 additions and 37 deletions.
diff --git a/idn/beta/paths/access-profile-entitlements.yaml b/idn/beta/paths/access-profile-entitlements.yaml
@@ -4,16 +4,15 @@ get:
       - Access Profiles
     summary: List Access Profile's Entitlements
     description: >-
-        This API lists the Entitlements associated with a given Access Profile
+        Use this API to get a list of an access profile's entitlements. 
 
-
-        A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In
-        addition, a token with SOURCE_SUBADMIN authority must have access to the Source associated with the given
-        Access Profile
+        A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In
+        addition, a token with SOURCE_SUBADMIN authority must have access to the source associated with the specified
+        access profile.
     parameters:
       - name: id
         in: path
-        description: ID of the containing Access Profile
+        description: ID of the access profile containing the entitlements. 
         required: true
         schema:
           type: string
@@ -54,6 +53,9 @@ get:
 
 
           **source.id**: *eq, in*
+
+
+          Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names.  
         example: attribute eq "memberOf"
         required: false
       - in: query
@@ -70,7 +72,7 @@ get:
         required: false
     responses:
       '200':
-        description: List of Entitlements
+        description: List of entitlements.
         content:
           application/json:
             schema:

diff --git a/idn/beta/paths/access-profiles.yaml b/idn/beta/paths/access-profiles.yaml
@@ -16,7 +16,7 @@ get:
       description: >-
         If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or
         SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**,
-        which is shorthand for the calling Identity's ID.
+        which is shorthand for the calling identity's ID.
 
 
         A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not

diff --git a/idn/beta/paths/account.yaml b/idn/beta/paths/account.yaml
@@ -42,16 +42,17 @@ patch:
     - Accounts
   summary: Update Account
   description: >-
-    This updates account details.
+    Use this API to update account details. 
     A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.
 
-    This endpoint supports updating an account's correlation. The identityId and manuallyCorrelated fields can be
-    modified for any account. The attributes fields can be modified just for flat file accounts. 
-    To re-assign an account from one identity to another, replace the current identityId with a new value. 
-    If the account you're assigning was provisioned by IdentityNow, it's possible IdentityNow could create a new account 
+    This API supports updating an account's correlation. You can modify only the `identityId` and `manuallyCorrelated` fields for any flat file account. 
+    To reassign an account from one identity to another, replace the current `identityId` with a new value. 
+    If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account 
     for the previous identity as soon as the account is moved. If the account you're assigning is authoritative, 
-    this will cause the previous identity to become uncorrelated and could even result in its deletion.
-    All accounts that are reassigned will be set to manuallyCorrelated: true unless otherwise specified
+    this causes the previous identity to become uncorrelated and can even result in its deletion.
+    All accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.
+
+    >**Note:** The `attributes` field can only be modified for flat file accounts. 
   security:
     - UserContextAuth: [idn:accounts:manage]
   parameters:
@@ -72,7 +73,7 @@ patch:
         schema:
           type: array
           items:
-            $ref: "../schemas/JsonPatchOperation.yaml"
+            type: object
         example:
           Uncorrelate account:
             description: Remove account from Identity

diff --git a/idn/beta/paths/identity-profiles-identity-preview.yaml b/idn/beta/paths/identity-profiles-identity-preview.yaml
@@ -4,9 +4,11 @@ post:
     - Identity Profiles
   summary: Generate Identity Profile Preview
   description: >-
-    This generates a non-persisted IdentityDetails object that will represent
-    as the preview of the identities attribute when the given policy's
-    attribute config is applied.
+    Use this API to generate a non-persisted `IdentityDetails` object that represents
+    a preview of the identity attributes with a specified policy's
+    attribute config applied.
+
+    This API supports the `accountAttribute`, `rule`, and `reference` transform types. 
 
     A token with ORG_ADMIN authority is required to call this API to generate an identity preview.
   requestBody:

diff --git a/idn/v3/paths/access-profile-entitlements.yaml b/idn/v3/paths/access-profile-entitlements.yaml
@@ -4,16 +4,17 @@ get:
       - Access Profiles
     summary: List Access Profile's Entitlements
     description: >-
-        This API lists the Entitlements associated with a given Access Profile
+        Use this API to get a list of an access profile's entitlements. 
 
+        A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API. In
+        addition, a token with SOURCE_SUBADMIN authority must have access to the source associated with the specified
+        access profile.
 
-        A token with API, ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to invoke this API. In
-        addition, a token with SOURCE_SUBADMIN authority must have access to the Source associated with the given
-        Access Profile
+        >**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. 
     parameters:
       - name: id
         in: path
-        description: ID of the containing Access Profile
+        description: ID of the access profile containing the entitlements. 
         required: true
         schema:
           type: string
@@ -54,6 +55,9 @@ get:
 
 
           **source.id**: *eq, in*
+
+
+          Filtering is not supported for access profiles and entitlements that have the '+' symbol in their names. 
         example: attribute eq "memberOf"
         required: false
       - in: query
@@ -70,7 +74,7 @@ get:
         required: false
     responses:
       '200':
-        description: List of Entitlements
+        description: List of entitlements.
         content:
           application/json:
             schema:

diff --git a/idn/v3/paths/access-profiles.yaml b/idn/v3/paths/access-profiles.yaml
@@ -8,18 +8,20 @@ get:
 
     A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to
     call this API.
+
+    >**Note:** When you filter for access profiles that have the '+' symbol in their names, the response is blank. 
   parameters:
     - in: query
       name: for-subadmin
       schema:
         type: string
       description: >-
         If provided, filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or
-        SOURCE_SUBADMIN Identity. The value of the parameter is either an Identity ID, or the special value **me**,
-        which is shorthand for the calling Identity's ID.
+        SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID, or the special value **me**,
+        which is shorthand for the calling identity's ID.
 
 
-        A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an Identity that is not
+        A 400 Bad Request error is returned if the **for-subadmin** parameter is specified for an identity that is not
         a subadmin.
       example: 8c190e6787aa4ed9a90bd9d5344523fb
       required: false
@@ -82,7 +84,7 @@ get:
         type: string
         format: comma-separated
       description: >-
-        If present and not empty, additionally filters access profiles to those which are assigned to the Segment(s)
+        If present and not empty, additionally filters access profiles to those which are assigned to the segment(s)
         with the specified IDs.
 
 

diff --git a/idn/v3/paths/account.yaml b/idn/v3/paths/account.yaml
@@ -42,16 +42,17 @@ patch:
     - Accounts
   summary: Update Account
   description: >-
-    This updates account details.
+    Use this API to update account details. 
     A token with ORG_ADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to call this API.
 
-    This endpoint supports updating an account's correlation. The identityId and manuallyCorrelated fields can be
-    modified for any account. The attributes fields can be modified just for flat file accounts. 
-    To re-assign an account from one identity to another, replace the current identityId with a new value. 
-    If the account you're assigning was provisioned by IdentityNow, it's possible IdentityNow could create a new account 
+    This API supports updating an account's correlation. You can modify only the `identityId` and `manuallyCorrelated` fields for any flat file account. 
+    To reassign an account from one identity to another, replace the current `identityId` with a new value. 
+    If the account you're assigning was provisioned by Identity Security Cloud (ISC), it's possible for ISC to create a new account 
     for the previous identity as soon as the account is moved. If the account you're assigning is authoritative, 
-    this will cause the previous identity to become uncorrelated and could even result in its deletion.
-    All accounts that are reassigned will be set to manuallyCorrelated: true unless otherwise specified
+    this causes the previous identity to become uncorrelated and can even result in its deletion.
+    All accounts that are reassigned will be set to `manuallyCorrelated: true` unless you specify otherwise.
+
+    >**Note:** The `attributes` field can only be modified for flat file accounts. 
   security:
     - UserContextAuth: [idn:accounts:manage]
   parameters:
@@ -72,7 +73,7 @@ patch:
         schema:
           type: array
           items:
-            $ref: "../schemas/JsonPatchOperation.yaml"
+            type: object
         examples:
           Uncorrelate account:
             description: Remove account from Identity