Merge branch 'main' of github.com:sailpoint-oss/api-specs

idn/beta/paths/campaign-template.yaml

@@ -118,6 +118,7 @@ delete:
     - Certification Campaigns
   summary: Delete a Campaign Template
   description: Deletes a campaign template by ID.
+  deprecated: true
   security:
     - UserContextAuth: [ idn:campaign-template:delete ]
   parameters:
@@ -131,7 +132,7 @@ delete:
   responses:
     '204':
       $ref: '../../v3/responses/204.yaml'
-      description: The Source was successfully deleted.
+      description: The campaign template was successfully deleted.
     '400':
       $ref: '../../v3/responses/400.yaml'
     '404':

idn/beta/paths/identities-process.yaml

@@ -12,6 +12,8 @@ post:
     5. Potentially clean-up identity processing errors, assuming the error has been resolved.
     
     To learn more, refer to the [identity processing documentation](https://documentation.sailpoint.com/saas/help/setup/identity_processing.html).
+
+    A token with ORG_ADMIN or HELPDESK authority is required to call this API.
   security:
     - UserContextAuth:
         - "idn:identity:manage"
@@ -27,7 +29,7 @@ post:
       content:
         application/json:
           schema:
-            $ref: "../schemas/BaseReferenceDto.yaml"
+            $ref: "../schemas/TaskResultResponse.yaml"
     "400":
       $ref: "../../v3/responses/400.yaml"
     "401":

idn/beta/paths/mfa-config-delete.yaml

@@ -0,0 +1,46 @@
+delete:
+  operationId: deleteMFAConfig
+  tags:
+    - MFA Configuration
+  summary: Delete MFA method configuration
+  description: >-
+    This API removes the configuration for the specified MFA method.
+
+    A token with ORG_ADMIN authority is required to call this API.
+  security:
+    - UserContextAuth: [idn:mfa-configuration:manage]
+  parameters:
+    - in: path
+      name: method
+      schema:
+        type: string
+        example: okta-verify
+      required: true
+      description: >-
+        The name of the MFA method.
+        The currently supported method names are 'okta-verify' and 'duo-web'.
+  responses:
+    "200":
+      description: MFA configuration of an MFA method.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/MfaOktaConfig.yaml"
+          example:
+            {
+              "mfaMethod": "okta-verify",
+              "enabled": true,
+              "host": "www.example.com",
+              "accessKey": "d******Y",
+              "identityAttribute": "email",
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"

idn/beta/paths/mfa-config-test.yaml

@@ -19,7 +19,7 @@ get:
       required: true
       description: >-
         The name of the MFA method.
-        The currently supported method name is okta-verify.
+        The currently supported method names are 'okta-verify' and 'duo-web'.
   responses:
     "200":
       description: The result of configuration test for the MFA provider.

idn/beta/paths/mfa-duo-config.yaml

@@ -0,0 +1,97 @@
+get:
+  operationId: getMFADuoConfig
+  tags:
+    - MFA Configuration
+  summary: Configuration of Duo MFA method
+  description: >-
+    This API returns the configuration of an Duo MFA method.
+    A token with ORG_ADMIN authority is required to call this API.
+  security:
+    - UserContextAuth: [idn:mfa-configuration:read, idn:mfa-configuration:manage]
+  responses:
+    "200":
+      description: The configuration of an Duo MFA method.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/MfaDuoConfig.yaml"
+          example:
+            {
+              "mfaMethod": "duo-web",
+              "enabled": true,
+              "host": "www.example.com",
+              "accessKey": "d******Y",
+              "identityAttribute": "email",
+              "configProperties": {
+                "skey": "6******B",
+                "ikey": "Q123WE45R6TY7890ZXCV"
+              }
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"
+
+put:
+  operationId: setMFADuoConfig
+  tags:
+    - MFA Configuration
+  summary: Set Duo MFA configuration
+  description: >-
+    This API sets the configuration of an Duo MFA method.
+    A token with ORG_ADMIN authority is required to call this API.
+  security:
+    - UserContextAuth: [idn:mfa-configuration:manage]
+  requestBody:
+    required: true
+    content:
+      application/json:
+        schema:
+          $ref: "../schemas/MfaDuoConfig.yaml"
+        example:
+          {
+            "mfaMethod": "duo-web",
+            "enabled": true,
+            "host": "www.example.com",
+            "accessKey": "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
+            "identityAttribute": "email",
+            "configProperties": {
+              "skey": "12q3WERlcUHWJmiMqyCXI3uOF7EaDJTbdeOp6E2B",
+              "ikey": "Q123WE45R6TY7890ZXCV"
+            }
+          }
+  responses:
+    "200":
+      description: MFA configuration of an Duo MFA method.
+      content:
+        application/json:
+          schema:
+            $ref: "../schemas/MfaDuoConfig.yaml"
+          example:
+            {
+              "mfaMethod": "duo-web",
+              "enabled": true,
+              "host": "www.example.com",
+              "accessKey": "q******y",
+              "identityAttribute": "email",
+              "configProperties": {
+                "skey": "1******B",
+                "ikey": "Q123WE45R6TY7890ZXCV"
+              }
+            }
+    "400":
+      $ref: "../../v3/responses/400.yaml"
+    "401":
+      $ref: "../../v3/responses/401.yaml"
+    "403":
+      $ref: "../../v3/responses/403.yaml"
+    "429":
+      $ref: "../../v3/responses/429.yaml"
+    "500":
+      $ref: "../../v3/responses/500.yaml"

idn/beta/paths/mfa-config.yaml → idn/beta/paths/mfa-okta-config.yaml

@@ -1,35 +1,26 @@
 get:
-  operationId: getMFAConfig
+  operationId: getMFAOktaConfig
   tags:
     - MFA Configuration
-  summary: Configuration of a MFA method
+  summary: Configuration of Okta MFA method
   description: >-
-    This API returns the configuration of a given MFA method.
+    This API returns the configuration of an Okta MFA method.
     A token with ORG_ADMIN authority is required to call this API.
   security:
     - UserContextAuth: [idn:mfa-configuration:read, idn:mfa-configuration:manage]
-  parameters:
-    - in: path
-      name: method
-      schema:
-        type: string
-        example: okta-verify
-      required: true
-      description: >-
-        The name of the MFA method.
-        The currently supported method name is okta-verify.
   responses:
     "200":
-      description: MFA configuration of a given method.
+      description: The configuration of an Okta MFA method.
       content:
         application/json:
           schema:
-            $ref: "../schemas/MfaConfig.yaml"
+            $ref: "../schemas/MfaOktaConfig.yaml"
           example:
             {
+              "mfaMethod": "okta-verify",
               "enabled": true,
               "host": "www.example.com",
-              "accessKey": "dk778Y3QlA5UqocYpdU3rEkzrK2D497y",
+              "accessKey": "d******Y",
               "identityAttribute": "email",
             }
     "400":
@@ -44,50 +35,42 @@ get:
       $ref: "../../v3/responses/500.yaml"
 
 put:
-  operationId: setMFAConfig
+  operationId: setMFAOktaConfig
   tags:
     - MFA Configuration
-  summary: Set MFA method configuration
+  summary: Set Okta MFA configuration
   description: >-
-    This API sets the configuration of a given MFA method.
+    This API sets the configuration of an Okta MFA method.
     A token with ORG_ADMIN authority is required to call this API.
   security:
     - UserContextAuth: [idn:mfa-configuration:manage]
-  parameters:
-    - in: path
-      name: method
-      schema:
-        type: string
-        example: okta-verify
-      required: true
-      description: >-
-        The name of the MFA method.
-        The currently supported method name is okta-verify.
   requestBody:
     required: true
     content:
       application/json:
         schema:
-          $ref: "../schemas/MfaConfig.yaml"
+          $ref: "../schemas/MfaOktaConfig.yaml"
         example:
           {
+            "mfaMethod": "okta-verify",
             "enabled": true,
             "host": "www.example.com",
             "accessKey": "dk778Y3QlA5UqocYpdU3rEkzrK2D497y",
             "identityAttribute": "email",
           }
   responses:
     "200":
-      description: MFA configuration of a given method.
+      description: MFA configuration of an Okta MFA method.
       content:
         application/json:
           schema:
-            $ref: "../schemas/MfaConfig.yaml"
+            $ref: "../schemas/MfaOktaConfig.yaml"
           example:
             {
+              "mfaMethod": "okta-verify",
               "enabled": true,
               "host": "www.example.com",
-              "accessKey": "dk778Y3QlA5UqocYpdU3rEkzrK2D497y",
+              "accessKey": "d******Y",
               "identityAttribute": "email",
             }
     "400":

idn/beta/paths/role-mining-potential-role-source-identity-usage.yaml

@@ -0,0 +1,58 @@
+get:
+  operationId: getPotentialRoleSourceIdentityUsage
+  summary: Retrieves potential role source usage
+  tags:
+    - IAI Role Mining
+  description: >-
+    This method returns source usageCount (as number of days in the last 90 days) for each identity in a potential role.
+  security:
+    - UserContextAuth: []
+  parameters:
+    - in: path
+      name: potentialRoleId
+      schema:
+        type: string
+      required: true
+      description: A potential role id
+      example: e0cc5d7d-bf7f-4f81-b2af-8885b09d9923
+    - in: path
+      name: sourceId
+      schema:
+        type: string
+      required: true
+      description: A source id
+      example: 2c9180877620c1460176267f336a106f
+    - in: query
+      name: sorters
+      required: false
+      style: form
+      explode: true
+      schema:
+        type: string
+        format: comma-separated
+      description: >-
+        Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters/)
+        Sorting is supported for the following fields: **displayName, email, usageCount**
+      example: '-usageCount'
+    - $ref: '../../v3/parameters/offset.yaml'
+    - $ref: '../../v3/parameters/limit.yaml'
+    - $ref: '../../v3/parameters/count.yaml'
+  responses:
+    '200':
+      description: Succeeded. Returns a list of source usage for the identities in a potential role.
+      content:
+        application/json:
+          schema:
+            type: array
+            items:
+              $ref: '../schemas/RoleMiningPotentialRoleSourceUsage.yaml'
+    '400':
+      $ref: '../../v3/responses/400.yaml'
+    '401':
+      $ref: '../../v3/responses/401.yaml'
+    '403':
+      $ref: '../../v3/responses/403.yaml'
+    '429':
+      $ref: '../../v3/responses/429.yaml'
+    '500':
+      $ref: '../../v3/responses/500.yaml'